TheJournal.ie uses cookies. By continuing to browse this site you are agreeing to our use of cookies. Click here to find out more »
Dublin: 19 °C Tuesday 23 May, 2017
Advertisement

Worldwide ransomware attacks - what we know so far

Over 29,000 institutions have been hit in China.

Image: SIPA USA/PA Images

SECURITY AGENCIES ARE hunting for those behind a crippling cyber attack which has so far hit hundreds of thousands of computers worldwide.

Although only one health service agency in Co Wexford is known to have been affected in Ireland, successful attacks around the world have hit government agencies, factories and health services.

Here is what we know so far about the cyber ransom attacks.

What happened?

The cyber attacks started Friday and spread rapidly around the globe using a security flaw in Microsoft’s Windows XP operating system, an older version that is no longer given mainstream tech support by the US giant.

The so-called WannaCry ransomware locks access to user files and in an on-screen message demands payment of €275 euros in the virtual currency Bitcoin in order to decrypt the files.

China Global Cyberattack Ransomware Source: Mark Schiefelbein

Victims have been advised by security experts not to pay up.

The attack is unique, according to policing agency Europol, because it combines ransomware with a worm function, meaning once one machine is infected, the entire internal network is scanned and other vulnerable machines are infected.

Who has been affected?

Europol chief Rob Wainwright said computer systems in more than 150 countries were hit, with the majority of organisations affected over the weekend in Europe.

The story broke here when it was reported that the UK’s NHS was hit by the attack on Friday, but so far there hasn’t been a much-feared second attack.

World-wide Cyber Attacks hits German Railways A display panel with an error can be seen at the main railway station in Leipzig, Germany. Source: DPA/PA Images

But as Asia woke up to the working week today, leading Chinese security-software provider Qihoo 360 said “hundreds of thousands” of computers in the country were hit at nearly 30,000 institutions including government agencies.

In Japan, a spokesman for Hitachi said the conglomerate discovered problems on Monday morning and its computer networks were “unstable”.

Other high-profile victims include hospitals in Britain, the Spanish telecoms giant Telefonica, French carmaker Renault, US package delivery company FedEx, Russia’s interior ministry and the German rail operator Deutsche Bahn.

Where did the malware come from?

Brad Smith, Microsoft’s president and chief legal officer, said in a blog post yesterday that the culprits used a code developed by the US National Security Agency.

It was leaked as part of a document dump, according to researchers at the Moscow-based computer security firm Kaspersky Lab.

Smith warned governments against stockpiling such vulnerabilities and said instead they should report them to manufacturers – not sell, store or exploit them, lest they fall into the wrong hands.

“An equivalent scenario with conventional weapons would be the US military having some of its Tomahawk missiles stolen,” Smith wrote.

The governments of the world should treat this attack as a wake up call.

Who was behind the attack?

Europol said today it was continuing to hunt for the culprits behind the unprecedented attack.

The agency’s senior spokesman Jan Op Gen Oorth said it was still “a bit early too say who is behind it, but we are working on a decrypting tool”.

Experts think it unlikely to have been one person, with criminally minded cyber crime syndicates nowadays going underground and using ever more sophisticated encryption to hide their activities.

How can people protect their computers?

TEC Ransomware Evolves Source: AP/PA Images

Microsoft took the unusual step of reissuing security patches first made available in March for Windows XP and other older versions of its operating system.

Kaspersky said it was seeking to develop a decryption tool “as soon as possible”.

Europol said European companies and governments had heeded warnings and as a result avoided further fallout from the ransomware.

“It seems that a lot of internet security guys over the weekend did their homework and ran the security software updates,” Jan Op Gen Oorth told AFP.

© – AFP 2017

Read: HSE to keep network isolated for further 48 hours to protect against cyber attack

Read: North Korea’s ‘new missile’ has unprecedented range

  • Share on Facebook
  • Email this article
  •  

About the author:

AFP

Read next:

COMMENTS (44)

This is YOUR comments community. Stay civil, stay constructive, stay on topic. Please familiarise yourself with our comments policy here before taking part.
write a comment

Leave a commentcancel