Cyberattack locked more than 200,000 systems across the globe
In the world, users became a victim of ransomware that asked to pay the ransom to unlock their data on the computer. Until Friday, 200000 users were severely hit by this ransomware.
There were many accidents because of this ransomware. Operations in prestigious hospitals in the UK were canceled as their IT cell tried to get the control of Health Service’s network after the attack. The car manufacturer Renault asked 3000 employees to go home for they could put a bar to limit the harm done at a key factory.
In China alone, more than 30 000 computers were made the victim of this ransomware. This attack was hit first on Friday. It deteriorated and caused further damage when people came to their office on Monday. Computer experts are trying to solve this issue but the finger pointing game has already begun. It has hit majorly Microsoft’s operating system. The company has put all the blame US government’s National Security Agency (NSA) for creating a loophole that made this ransomware work.
Many countries and organizations alleged that it was the US who made this ransomware to get hold of the data. Many alleged that they created ‘EternalBlue’ for the sole purpose of getting data from a computer across the globe. It is explained as close to a close bar as per a security expert. They alleged that this tool was leaked online for the hijackers and criminals to hijack the computer that was vulnerable to such attacks. It was only then that there was the demand of 300 dollars paying a ransom. The payment was to be made in Bitcoins.
Sean Sullivan is a security adviser to F-Secure who in a recent interview to the Telegraph said, “Shadow Brokers obtained the NSA tools that exposed a vulnerability in Microsoft’s operating systems. They dumped the instructions detailing how to get in. The exploit is the ‘crowbar’ to open the door and the ransomware is the ‘hand grenade’ you lob in once the door is open.”
He also added to keep the security patches updated so that the system won’t be much vulnerable.
NSA in response to allegations told the media that it had warned Microsoft that its tool was stolen. The company rolled out the patch for this problem in March. But, Windows XP, and operating systems that were before 2009 were not included in this patch. Some users chose to not update the patch even if they knew it had been rolled out. Cybersecurity told the media that this ransomware will spread on the unmatched systems. They advised users to run their computer in safe mode only.
At least a temporary full stop has been made by the security firm MalwareTech. They activated a digital ‘kill switch’ that stopped its further spreading. LA-based threat intelligence firm’s head Steven Wilson said on Twitter, “He made a significant step in slowing the advance of this malware,’ explained Mr. Wilson. MalwareTech tweeted that hackers could upgrade the virus. ‘Version 1 of WannaCrypt was stoppable but version 2.0 will likely remove the flaw.”
Windows took the step on Friday that could help the Windows XP users to update the patch so that the won’t be the victim of the ransomware. If downloaded and installed as per the Microsoft’s expectations, 70000 million computers could be saved. This fix was designed majorly for Windows XP but another patch was rolled out for Windows 8 and Windows 2003.
By the evening of the Friday, the Ransomware started to spread to the US and South America but the worst hit remained Russia and Europe. According to Kaspersky Lab, they have recorded that there are 45 000 attacks in 74 countries that include Russia, UK, India, Italy, China, Egypt and Spain.
Microsoft called the government and saw this cyber attack as a wake-up call. Microsoft’s president and chief legal officer Brad Smith told BBC, “We have seen vulnerabilities stored by the CIA show up on WikiLeaks, and now this vulnerability stolen from the NSA has affected customers around the world. As cybercriminals become more sophisticated, there is simply no way for customers to protect themselves against threats unless they update their systems.”
Julia Sowells960 Posts
Julia Sowells has been a technology and security professional. For a decade of experience in technology, she has worked on dozens of large-scale enterprise security projects, and even writing technical articles and has worked as a technical editor for Rural Press Magazine. She now lives and works in New York, where she maintains her own consulting firm with her role as security consultant while continuing to write for Hacker Combat in her limited spare time.