More than a dozen hospitals in England and major companies,
including FedEx and Spain's largest telecom, were affected in Friday's
hack. At least 16 National Health Service hospitals and related
organizations were affected in England and another five in Scotland,
officials said in a statement.
British Prime Minister Theresa May said "no
patient data has been compromised" but one of her ministers admitted
Saturday that it had no idea who was behind the attack. The malicious software — known as the Wanna Decryptor, or WannaCry — locks a system and its files from use unless money is paid to hackers.
The malware typically spreads through email phishing programs and had exploited a known bug in Microsoft Windows' operating system.
It is especially nasty because it acts like a worm — finding security holes in a computer to spread throughout a network.
"The scale of it — that's pretty unprecedented," Ben Rapp, the CEO of IT support company Managed Networks, told NBC News' British partner ITV News. "There's been a lot of ransomware in hospitals, but to see 16 hospitals, last time I looked, and reports of other people — this is probably the biggest ransomware attack we've seen."
Microsoft said it was pushing out automatic Windows updates to defend its clients from the malware.
Whistleblower Edward Snowden blamed the NSA for the damage, tweeting: "If @NSAGov had privately disclosed the flaw used to attack hospitals when they *found* it, not when they lost it, this may not have happened."
In a statement, FedEx said that it was "experiencing interference with some of our Windows-based systems caused by malware. We are implementing remediation steps as quickly as possible."
The Memphis, Tennessee-based global delivery company did not immediately say whether a ransom was demanded for return of their computers' functions.
Spanish telecom giant Telefonica confirmed in a statement that a "cybersecurity incident" occurred Friday that affected the computers at its Madrid headquarters.
China's official news agency Xinhua said secondary schools and universities were hit, but did not say how many or identify them.
In a twist, a 22-year-old UK cybersecurity researcher, known online as MalwareTech, has been hailed as an 'accidental hero' for halting the spread of the malware bug.
The researcher reportedly identified a domain name in the malware virus and purchased the site, which acted as a "kill switch", according to ITV News.
It is not the first time ransomware has been used. And sometimes, hackers hit the jackpot: Last year, Hollywood Presbyterian Medical Center forked over $17,000 after suffering a ransomware attack.
Friday's demand — reportedly for $300 of digital currency Bitcoin — is relatively low, according to experts. "It's a small ransom," said Gene Spafford, founder and executive director emeritus of Purdue University's Center for Education and Research in Information Assurance and Security. "But if you set the price too high then many of their victims won't pay."
Spafford said ransomware typically targets those without strong security in place, such as home users and small companies.
The mayor of the small community of Timra, Sweden — population 10,000 — told Reuters it has "around 70" computers affected.
"I think what was unique about this ransomware is that it essentially used a security flaw in a very common set of software that allowed it to self-replicate across the facilities and environments that it was in," Feinblum said.
"And that's not very typical in the ransomware world and that's something that we haven't really seen at scale in a long time," he said.
No comments: