Massive ransomware attack hits 74 countries

Scale of the attack: Reports of infections from the ransomware have been coming from users in over 99 different countries, which includes UK, US, China, Russia, Italy and even Spain.

In the wake of the attack, Microsoft said it had taken the “highly unusual step” of releasing a patch for computers running older operating systems including Windows XP, Windows 8 and Windows Server 2003.

Eisen says “this is child’s play, what happened”.

Meanwhile CERT-IN has also issued a vulnerability note on its website (CERTIn Vulnerability Note CIVN20170032 Multiple vulnerabilities in Windows SMB Original Issue Date: March 15, 2017) with a Severity Rating of HIGH on March 15, 2017 for possible remote exploitation of this vulnerability and to apply the patch released by Microsoft for the same.

Thoughts about the WannaCry ransomware?

The most pressing aspect of WannaCry is its worm-like EternalBlue exploit.

The security holes it exploits were disclosed several weeks ago by TheShadowBrokers, a mysterious group that has published what it says are hacking tools used by the NSA. The agency has not responded to requests for comment.

Researchers with security software maker Avast said Russia, Ukraine, and Taiwan were the top targets of the attack, but dozens of other countries also reported system infections. The security vulnerability in Windows software, according to the hacker group, Shadow Brokers, was exploited by the NSA to be able to invade computers.

If people don’t update their Windows systems, “it’s just going to keep going”, he said.

“I believe many companies have not yet noticed”, said William Saito, a cyber security adviser to Japan’s government.

As a result, over 100,000 new infections were prevented, according to U.K.’s National Cyber Security Centre.

The Indian Computer Emergency Response Team (CERT-In), a nodal agency under the ministry to deal with cyber security emergencies, said a new ransomware named Wannacry was spreading widely.

According to Kaspersky Labs, one of the major security firms in the world, India had the third highest number of infected machines, with only Russian Federation and Ukraine being worst hit.

Its ransom demands start at $300 and increase after two hours to $400, $500 and then $600, said Kurt Baumgartner, a security researcher at Kaspersky Lab.

The ransomware, called WannaCry, locks down all the files on an infected computer and asks the computer’s administrator to pay in order to regain control of them. It appears that once the domain is found to be live, it acts to stop all further spread of the worm.

“The expensive part is the clean up of the machine and restoring the encrypted data”, he said. As a result, nothing will happen on new systems running the infected file unless that system requires proxy access to the Internet.

Among the worst hit was the National Health Service in England and Scotland.

British Prime Minister Theresa May said there was no evidence that patient data had been compromised in the attack, and that it had not specifically targeted the National Health Service.

German rail operator Deutsche Bahn said some electronic signs at stations announcing arrivals and departures were infected.

The full scope of the attack not yet known. Among the many targets were hospitals and telecommunication companies spanning Europe and Asia.

Major global companies said they also came under attack.

The European Union’s police agency, Europol, says it is working with countries hit by the global ransomware cyberattack to rein in the threat and help victims. Europol, the European Union’s police agency, said the onslaught was at “an unprecedented level and will require a complex worldwide investigation to identify the culprits”.

NHS Digital, which oversees United Kingdom hospital cybersecurity, says the attack used the Wanna Decryptor variant of malware, which infects and locks computers while the attackers demand a ransom.

“Nigeria has been flagged among the countries to be attacked”. The statement said antivirus systems are working to destroy it.