'WannaCry' ransomware attack: What we know so far


However, it also exploits a Windows networking flaw to spread more aggressively, like a worm.

"Last week's global WannaCry ransomware attack - based on NSA malware - was a stark reminder that hoarding technological vulnerabilities to develop offensive weapons comes with significant risks to our own economy and national security", says Rep. Ted Lieu, D-Calif., a backer of the legislation.

If you are already a victim of ransomware, the first thing to do is disconnect your computer from the internet so it does not infect other machines.

Officials from West Bengal State Electricity Distribution Company (WBSEDCL) confirmed the development and said it has been detected at four offices in West Midnapore district affecting PCs in four blocks of Belda, Datan, Narayngarh and Keshiyari.

While it's still unknown who the original attackers are at this point, the techniques used suggest that this was actually a normal criminal ransomware campaign.

The two researchers said they did not want to be identified discussing confidential security matters.

Any organisation that heeded strongly worded warnings from Microsoft to urgently install, on all computers on its network, a security patch it labelled "critical" when it was released on March 14 is immune, experts agree. The attack's main element was developed by the NSA, not the hackers: a vulnerability code-named EternalBlue, which allowed the agency to commandeer old, pre-Windows 10 versions of the Microsoft operating system.

The institutions affected include the UK's National Health Service organisations, Germany's rail network, FedEx in the U.S., Renault factories in France and Russia's interior ministry. The British government cancelled a nationwide NHS support contract with Microsoft after a year, leaving upgrades to local trusts.

The Washington Post story reveals a clue as to why the NSA waited so long to reveal the flaw to Microsoft. This impacted the e-commerce industry and services/utilities companies.

Half of all internet addresses corrupted globally by WannaCry are located in China and the Russian Federation, with 30 and 20 percent respectively. Furthermore, infection levels have spiked again this week, according to data supplied to Reuters by threat intelligence firm Kryptos Logic.


Brad Smith, Microsoft's president and chief legal officer, came out swinging against the National Security Agency on Sunday, alleging the attack used exploits that were stolen from the agency earlier this year.

How much is all of the information stored on your computer worth? Over the weekend, a 22-year-old cybersecurity researcher from England named Marcus Hutchins discovered and inadvertently activated a "kill switch" buried in the malware's code. "One of the country's largest oil companies, PetroChina, reported the attack had disrupted its electronic payment systems at its gas stations over the weekend".

While the security experts have struggled to find the so-called "patient zero" in the attack, they have been more successful in finding the cause of the attacks and the reason why it was so successful.

While federal officials say the WannaCry ransomware attack apparently has only raised about $70,000 in ransom and the infection rate has been lower in the US than in many other parts of the world, they caution that the crisis may not be over, as the malware morphs into other forms that could threaten more networks.

These factors help explain the mystery of why such a tiny number of victims appear to have paid ransoms into the three bitcoin accounts to which WannaCry directs victims.

All banks in the country have been ordered to keep their ATMs closed until the machines are protected from the WannaCry ransomware.

Organizations are scrambling to deploy the relevant Microsoft patch across their entire Windows infrastructure.

NASCIO's Robinson said a global, organized cyber threat like WannaCry shows how important it is for those measures to be in place.

"Even in this case, we don't know all of the details".
