Cyberattack hits 74 countries in biggest attack of its kind ever


Dozens of countries were hit with a huge cyberextortion attack Friday that locked up computers and held users' files for ransom at a multitude of hospitals, companies and government agencies.

It was believed to the biggest attack of its kind ever recorded.

The malicious software behind the onslaught appeared to exploit a vulnerability in Microsoft Windows that was supposedly identified by the National Security Agency for its own intelligence-gathering purposes and was later leaked to the internet.

Britain's national health service fell victim, its hospitals forced to close wards and emergency rooms and turn away patients. Russia appeared to be the hardest hit, according to security experts, with the country's Interior Ministry confirming it was struck.

All told, several cybersecurity firms said they had identified the malicious software responsible for tens of thousands of attacks in more than 60 countries, including the United States, though its effects in the U.S. did not appear to be widespread, at least in the initial hours.

Computers were infected with what is known as "ransomware" - software that freezes up a machine and flashes a message demanding payment to release the user's data. In the U.S., FedEx reported that its Windows computers were "experiencing interference" from malware, but wouldn't say if it had been hit by ransomware.

Mikko Hypponen, chief research officer at the Helsinki-based cybersecurity company F-Secure, called the attack "the biggest ransomware outbreak in history."

Security experts said the attack appeared to be caused by a self-replicating piece of software that enters companies and organizations when employees click on email attachments, then spreads quickly internally from computer to computer when employees share documents and other files.

Its ransom demands start at $300 and increase after two hours to $400, $500 and then $600, said Kurt Baumgartner, a security researcher at Kaspersky Lab. Affected users can restore their files from backups, if they have them, or pay the ransom; otherwise they risk losing their data entirely.

Chris Wysopal of the software security firm Veracode said criminal organizations were probably behind the attack, given how quickly the malware spread.

"For so many organizations in the same day to be hit, this is unprecedented," he said.

The security holes it exploits were disclosed several weeks ago by TheShadowBrokers, a mysterious group that has published what it says are hacking tools used by the NSA as part of its intelligence-gathering.

Shortly after that disclosure, Microsoft announced that it had already issued software "patches" for those holes. But many companies and individuals haven't installed the fixes yet or are using older versions of Windows that Microsoft no longer supports and didn't fix.

By Kaspersky Lab's count, the malware struck at least 74 countries. In addition to Russia, the biggest targets appeared to be Ukraine and India, nations where it is common to find older, unpatched versions of Windows in use, according to the security firm.

Hospitals across Britain found themselves without access to their computers or phone systems. Many canceled all routine procedures and asked patients not to come to the hospital unless it was an emergency. Doctors' practices and pharmacies reported similar problems.

Patrick Ward, a 47-year-old sales director, said his heart operation, scheduled for Friday, was canceled at St. Bartholomew's Hospital in London.

Tom Griffiths, who was at the hospital for chemotherapy, said several cancer patients had to be sent home because their records or bloodwork couldn't be accessed.

"Both staff and patients were frankly pretty appalled that somebody, whoever they are, for commercial gain or otherwise, would attack a health care organization," he said. "It's stressful enough for someone going through recovery or treatment for cancer."

British Prime Minister Theresa May said there was no evidence patient data had been compromised and added that the attack had not specifically targeted the National Health Service.

"It's an international attack and a number of countries and organizations have been affected," she said.

Spain, meanwhile, took steps to protect critical infrastructure in response to the attack. Authorities said they were communicating with more than 100 energy, transportation, telecommunications and financial services providers about the attack.

Spain's Telefonica, a global broadband and telecommunications company, was among the companies hit.

Ransomware attacks are on the rise around the world. In 2016, Hollywood Presbyterian Medical Center in California said it had paid a $17,000 ransom to regain control of its computers from hackers.

Krishna Chinthapalli, a doctor at Britain's National Hospital for Neurology & Neurosurgery who wrote a paper on cybersecurity for the British Medical Journal, warned that British hospitals' old operating systems and confidential patient information made them an ideal target for blackmailers.

He said many NHS hospitals in Britain use Windows XP software, introduced in 2001, and as government funding for the health service has been squeezed, "IT budgets are often one of the first ones to be reduced."

"Looking at the trends, it was going to happen," he said. "I did not expect an attack on this scale. That was a shock.

AP

Comments

  1. WELCOME TO match maker friends, THE BEST CERTIFIED RELIABLE AGENCY COMPANY IN AFRICA 2017
    ARE YOU IN NEED OF A RICH WEALTHY SUGAR MUMMY/SUGAR DADDY/GAY AND LESBIAN PARTNER ANYWHERE IN NIGERIA, GHANA, COTONOU,SOUTH AFRICA,UK,U.S.A,MALAYSIA,
    ZIMBABWE AND IVORY COAST,THEN CONTACT match maker friends, DATABASE ADMINISTRATOR ON 08131139304……(MR anthony okafor)
    Are you good in bed,do you have all it takes to partake in our service,we offered fast reliable service to you anywhere you are in Nigeria,Ghana,Sourth africa,u.k,u.s.a, Zimbabwe,Cotonou and Ivory coast,our clients are highly connected and influential people within the society,so get
    the opportunity to meet rich and wealthy sugar mummies and sugar daddies from all works of life like the politians,directors,C.E.O of companies,the London
    based ladies,the gold ladies,ladies that runs their business organization,e.t.c,so contact us now to get an instant hook-up today,we are fully legalized,registered and recognized by CORPORATE AFFAIRS COMMISSION(C.A.C),read more about us on our official magazine called love connection magazine,were you find lots of comment and testimonies of people we have render our service to from January up till December,So contact database administrator
    on…08131139304(MR anthony okafor)
    maximum security is guarantee from any of our clients becuase we have done all the nesscessary background checkup on all the ladies and men we have on our
    databased,so contact us today for you to get a partner that can change your life completely with money and influence,
    Visit our official website for more details and information about our services (www.matchmakerfriends.com)
    Also check on our client testimonies on our official magazine called (love connection magazine and love
    circle magazine),follow us on facebook my adding our databased administrator(anthony okafor on facebook)
    WEBSITES—WWW.matchmakerfriends.COM. call on. +2348131139304 or 08131139304.
    FACEBOOK ID—anthony okafor
    MAGAZINE—LOVE CONNECTION MAGAZINE & LOVE CIRCLE MAGAZINE
    match maker friend//NO 1 LEADING AFRICA DATING HOOK-UP AGENCY

    ReplyDelete

Post a Comment