Manhunt for hackers behind global cyberattack

Adjust Comment Print

Cybersecurity firm Avast said it tracked more than 75,000 ransomware attacks in 99 countries Friday.

Major companies that includes sixteen National Health Service organsisations in the U.K. FedEx, telecom companies Telefonica of Spain and Megafon of Russian Federation were also hit.

Europol's Wainwright underscored the point Sunday.

"The global reach is unprecedented".

"The latest count is over 200,000 victims in at least 150 countries".

"It's particularly concerning when you're talking about widely-available software, when the impact on the people is going to be the public at large, not the handful of targets an agency might have", Singh Guliani told CNNTech.

Cyber security experts have said the majority of the attacks targeted Russia, Ukraine and Taiwan.

Images appear on victims' screens demanding payment of $300 (275 euros) in the virtual currency Bitcoin, saying: "Ooops, your files have been encrypted!" In past ransomware attacks, some victims have paid, only to find the key they are given doesn't work, while others have found their files are corrupted and can't be properly restored, he said.

A doctor who said hospitals could be vulnerable to ransomware one day before a virus struck the NHS has warned this could "just be the beginning".

"The investigation is at an early stage but we believe the malware variant is Wanna Decryptor", NHS Digital, the computer arm of the English health service, said in a statement.

"It only guarantees that the malicious actors receive the victim's money, and in some cases, their banking information".

The suspicion that the vulnerability of systems around the world were exploited by a hacking tool thought to have been developed by America's National Security Agency exposes the fact that governments may be the ones most to blame as their intelligence agencies are the ones who create such openings to spy on people through the communications networks linking smartphones by exploiting loopholes in their operating systems.

Code for exploiting that bug, which is known as "Eternal Blue", was released on the internet in March by a hacking group known as the Shadow Brokers.

Europol Director Rob Wainwright told ITV's Peston on Sunday programme the attack was unique in that the ransomware was used in combination with "a worm functionality" so the infection spread automatically.

"These ransomware attacks have been on the rise over the last three years, it wasn't exactly something that was a shock - what was surprising is the scale of this one". "You're only safe if you patch ASAP", he wrote on Twitter.

The WannaCry malware, according to CERT-In, spreads "by using a vulnerability in implementations of Server Message Block" in systems running Microsoft's Windows operating system.

Indian officials, who declined to be named, said no major incident of cyberattack has been brought to the notice of CERT-In yet.

In Russia, government agencies insisted that all attacks had been resolved.

Renault said it had halted auto production at several sites including Sandouville in northwestern France and plants of Renault-owned Dacia of Romania on Saturday to prevent the spread of ransomware in its systems.

Germany's rail operator Deutsche Bahn said its station display panels were affected.

Students at universities in China were locked out of their work, including dissertations and thesis papers, according to Chinese media and reported by The Associated Press.

Finance ministers and central bank governors of seven leading world economies meeting for a G7 conference in Italy on Saturday will pledge stronger cooperation against cyber crime, a draft communique showed.