A global cyberattack leveraging hacking tools widely believed by researchers to have been developed by the U.S. National Security Agency hit worldwide shipper FedEx, disrupted Britain's health system and infected computers in almost 100 countries on Friday. Security researchers said they observed some victims paying via the digital currency bitcoin, though they did not know what percent had given in to the extortionists. Two security firms - Kaspersky Lab and Avast - said they had identified the malicious software behind the attack in over 70 countries, although both said the attack had hit Russian Federation the hardest. The national railway system said although it was attacked, rail operations were unaffected. Conficker was a notorious Windows worm first spotted in 2008; it went on to infect over nine million computers in nearly 200 countries.
"We are implementing remediation steps as quickly as possible", it said in a statement.
It said NHS England has confirmed that hospitals across the country appear to have been simultaneously hit by a bug in their IT systems, leading to many diverting emergency patients.
Forcepoint Security Labs said that "a major malicious email campaign" consisting of almost five million emails per hour was spreading the new ransomware.
The U.S. Department of Homeland Security said late on Friday that it was aware of reports of the ransomware, was sharing information with domestic and foreign partners and was ready to lend technical support.
An worldwide cyber attack on Friday struck countries including the United Kingdom and Spain, British Prime Minister Theresa May said, as security experts warned it could affect many other countries.
"Both staff and patients were frankly pretty appalled that somebody, whoever they are, for commercial gain or otherwise, would attack a health care organization", he said.
The ransomware appeared to exploit a vulnerability in Microsoft Windows that was purportedly identified by the US National Security Agency (NSA) for its own intelligence-gathering purposes and was later leaked to the internet.
A hacking group called Shadow Brokers released the malware in April claiming to have discovered the flaw from the NSA, Kaspersky said. It said the attacks were carried out with a version of WannaCry ransomware that encrypted files and prompted a demand for money transfers to free up the system. It issued a patch on March 14 to protect them from Eternal Blue.
Ransomware is a type of malicious software that infects a computer and restricts users' access to it until a ransom is paid to unlock it. It said the company was working with its customers to provide additional assistance.
Do we need an independent prosecutor for the FBI's Trump-Russia probe?
Attorney for the District of Columbia, said Comey telling Trump he was not under investigation would be "totally inappropriate". Department of Justice Public Integrity Section and served as the Assistant U.S.
"The ransomware can spread without anyone opening an email or clicking on a link".
Tom Donnelly, a spokesperson for the country's National Health Service (NHS), said the assault and its effects are still ongoing, according to The New York Times.
Authorities in Britain have been braced for possible cyberattacks in the run-up to the vote, as happened during last year's USA election and on the eve of this month's presidential vote in France.
Affected by the onslaught were computer networks at hospitals in Britain, Russia's interior ministry, the Spanish telecom giant Telefonica and the United States delivery firm FedEx and many other organizations.
"Seeing a large telco like Telefonica get hit is going to get everybody anxious".
Security experts said the attack appeared to be caused by a self-replicating piece of software that enters companies and organisations when employees click on email attachments, then spreads quickly internally from computer to computer when employees share documents.
The news is also likely to embolden cyber extortionists when selecting targets, Chris Camacho, chief strategy officer with cyber intelligence firm Flashpoint, said.
In Spain, some big firms took pre-emptive steps to thwart ransomware attacks following a warning from Spain's National Cryptology Centre of "a massive ransomware attack". "No computers are now working", they said, speaking on condition of anonymity as they were not authorised to speak to press.
Even as the exact number of countries affected is yet to be determined, the attack is unprecedented in scale, experts say.
Comments