Cyber attack hit 200,000 victims across 150 countries, says Europol chief
This is already believed to be the biggest online extortion attack ever recorded, disrupting services in nations as diverse as the U.S., Russia, Ukraine, Brazil, Spain and India.
“We are in the face of an escalating threat, the numbers are going up”, he said. We have been battling computer viruses for over 25 years, so it is disheartening that we still see individuals and organisations fall victim to these attacks. In an interview on ABC’s “This Week”, Clapper said the worry was “this ransomware attack will be even larger” as people return to their desks after the weekend.
“A review of the three payment addresses hardcoded into the Wana ransomware strain indicates that these accounts to date have received 100 payments totaling slightly more than 15 Bitcoins – or approximately $26,148 at the current Bitcoin-to-dollars exchange rate”.
“He actually probably saved lives by accident”, Kennedy said, referring to the security researcher who discovered the kill switch. This further proves that by keeping security vulnerabilities secret and failing to protect them, security agencies are dealing more damage to the very people they’ve sworn to protect.
The cyberattack affected 16 organizations that are part of the National Health Service on Friday, causing some surgical procedures to be canceled and ambulances diverted.
Chinese media reported Sunday that students at several universities were hit, blocking access to their thesis papers and dissertation presentations. A 22-year-old security researcher in the United Kingdom discovered a “kill-switch” to initially stop the spread of the attack.
A security researcher warned there might be another attack imminently.
Neema Singh Guliani, legislative counsel at the ACLU, said the ransomware attack raises questions about agencies stockpiling vulnerabilities instead of responsibly disclosing them.
Across an ocean, Darien Huss, a 28-year-old research engineer for the cybersecurity firm Proofpoint, was doing his own analysis.
Sir Michael told the BBC’s Andrew Marr Show: “We never comment on the different systems, obviously for reasons of security, that our submarines use but our vanguard submarines I can absolutely assure you, are safe and operate in isolation when they are out on patrol, and I have complete confidence in our nuclear deterrent”.
“We’ve seen what happens when the US NSA (National Security Agency) develops hacking tools, effectively weapons for breaking into ordinary people’s computers then loses control of one of those exploits that has then been effectively weaponised by a criminal organisation that is now seeking to ransom people”, he told reporters.
“Expect to hear a lot more about this tomorrow morning when users are back in their offices and might fall for phishing emails” or other as yet unconfirmed ways the worm may propagate, said Christian Karam, a Singapore-based security researcher.
A British cyber whiz became an “accidental hero” after he registered a domain name that stopped the spread of the malicious software, which exploits a vulnerability in Microsoft Windows software.
Meanwhile, Turkey’s Information and Communications Authority BTK said on Saturday an operation to prevent further spread of the malware continued and urged people to update their antivirus programs and scan their computer systems.
Microsoft said it had taken the “highly unusual step” of releasing a patch for computers running older operating systems including Windows XP, Windows 8 and Windows Server 2003.
“I made it a total of 4 days without working, so there’s that”, he said. Microsoft no longer supports Windows XP, and the extra security the NHS paid for as a get-around had expired. Turn on auto-updaters where available (Microsoft offers that option).
British cybersecurity expert Graham Cluley doesn’t want to blame the NSA for the attack.
“[The] worldwide ransomware attack shows what can happen when the NSA or Central Intelligence Agency write malware instead of disclosing the vulnerability to the software manufacturer”, Lieu said in a statement.