Log in, look out: Cyberattack havoc may grow at week's start

Adjust Comment Print

"It's an global attack and a number of countries and organisations have been affected", British Prime Minister Theresa May said. "You've got to keep your systems updated".

But around a fifth of NHS trusts were hit in the attack, forcing them to postpone operations and procedures over the weekend and more could be revealed when people return to work this morning.

The spread of the attack appears to have been thwarted by private cybersecurity researchers who identified and triggered the malware's "kill switch", which halted the attacks before it spread throughout USA networks, a senior US intelligence official confirmed, but it is unclear whether, the official said, a modified attack will soon be launched.

Lawrence Abrams, a New York-based blogger who runs BleepingComputer.com, says many organizations don't install security upgrades because they're anxious about triggering bugs, or they can't afford the downtime.

"WannaCry" encrypts files with the following extensions, appending.WCRY to the end of the file name like.lay6, .sqlite3, .sqlitedb, .accdb, .java and.docx among others. Recovery from backups is one of them.

Lawrence Abrams of BleepingComputer.com in NY says many organizations don't install security upgrades because they're anxious about triggering bugs, or they can't afford the downtime. All sectors of the economy were vulnerable and organizations could take lessons from the banking industry, which appeared to have largely escaped the global attack.

"The ransomware also spreads through malicious attachments to emails", it said.

The latest ransomware was successful because of a confluence of factors.

NHS works to curtail cyber attack damage
Large swathes of the NHS have been paralysed by the cyber attack, which hit 200,000 victims in 150 countries around the world. Hunt told broadcaster Sky News , the United Kingdom had "never seen a ransomware attack on this scale".

The cyberextortion attack hitting dozens of countries spread quickly and widely thanks to an unusual confluence of factors: a known and highly risky security hole in Microsoft Windows, tardy users who didn't apply Microsoft's March software fix, and a software design that allowed the malware to spread quickly once inside university, business and government networks. Updating software will take care of some vulnerability. "I hope that if another attack occurs, the damage will be a lot less".

Microsoft has complained for years that the large majority of computers running its software are using pirated versions. It's known organisations like the NSA develop tools to exploit computer systems in order to spy on people, including potential terrorists and their plots, of course.

Avast said the majority of the attacks targeted Russia, Ukraine and Taiwan.

Huss is also anxious about copycats, who could "take the exploit code that was used in this attack and implement it into their own virus". System administrators should ensure that employees don't have unnecessary access to parts of the network that aren't critical to their work.

"The impact on the US seems to be negligible - very tiny impact, very few victims", the senior intelligence official told ABC News on Saturday.

Individuals and organisations were discouraged from paying the ransom, as it was not guaranteed that the access would be restored. More importantly, these updates are hard to avoid as anyone with an iPhone can attest.

Its ransom demands start at $300 and increase after two hours to $400, $500 and then $600, said Kurt Baumgartner, a security researcher at Kaspersky Lab.

"If there is a silver lining to it, you're not out a million dollars", he said. In 2016, Hollywood Presbyterian Medical Center in California said it had paid a $17,000 ransom to regain control of its computers from hackers.