
A massive cyber-attack using tools believed to have been developed by the US National Security Agency has struck organizations around the world, including the USA, UK, Spain, Russia, China, Portugal and Sweden, experts say it may be the biggest ransomware attack ever observed.
A new strain of ransomware raced across 70 countries Friday, wreaking havoc at the National Health Service in the UK, hobbling one of Spain’s largest telecom companies, and shutting down Russia’s Internal Affairs Ministry in an attack that cybersecurity experts say is only gaining in momentum.
Ransomware is a type of malware that installs itself on a device, such as a computer or smartphone, and then holds the device hostage until a ransom is paid.
This particular strain, WannaCry, exploits a vulnerability in Windows that many systems have not yet patched.
WannaCry has so far infected tens of thousands of computers in at least 74 countries, according to cybersecurity companies who are observing its spread across the globe.
Among the countries infected are the US, China, Russia, Spain, and the UK.
Kaspersky Lab's Global Research & Analysis Team reported "earlier today, our products detected and successfully blocked a large number of ransomware attacks around the world. In these attacks, data is encrypted with the extension “.WCRY” added to the filenames."
Kaspersky Lab's analysis indicates the attack, dubbed “WannaCry”, is initiated through an SMBv2 remote code execution in Microsoft Windows. This exploit (codenamed “EternalBlue”) has been made available on the internet through the Shadowbrokers dump on April 14th, 2017 and patched by Microsoft on March 14.
Unfortunately, it appears that many organizations have not yet installed the patch.
FedEx Hit
American shipping giant FedEx has been hit in a ransomware attack spreading quickly around the globe and linked to hacked or leaked data from the U.S. National Security Agency.
FedEx confirmed early Friday afternoon that it was a victim of the attack, but disclosed few details.
“Like many other companies, FedEx is experiencing interference with some of our Windows-based systems caused by malware,” the firm said in a statement.
“We are implementing remediation steps as quickly as possible. We regret any inconvenience to our customers.”
Latest: Ransomware Cyber-Attack Threat Escalating
What you need to do: If you've not installed the March, April or May Windows Update bundles, do so immediately. It's worth shutting down your system for a few minutes if it gives you a chance to avoid this. If you're still using Windows XP, you're out of luck, but the March and April update bundles should be available to Windows Vista. What Is Ransomware and How Can I Protect Myself?
More: Security Awareness Training Blog
Meanwhile, NSA whistleblower Edward Snowden has led the discussion on NSA’s role and responsibility in Friday’s extensive cyberattacks, noting that if the NSA had “privately disclosed the flaw used to attack hospitals when they found it, not when they lost it, this may not have happened.”
Ransomware is one of the fastest-growing types of cyberattacks. Last year, cybersecurity companies estimated that ransomware attacks brought in over a billion dollars for cybercriminal networks globally, and they are on target to make even more in 2017.
While hospitals were not the target of the WannaCry ransomware strain Friday, they were among the most infected as they often lack budgets to defend their online systems, and once their networks are down, thousands of patients lives may be put at risk. Across the UK Friday, doctors reported chaotic situations, with one tweeting that patients would die as a result of the attack.
“This attack was not specifically targeted at the NHS and is affecting organisations from across a range of sectors,” the NHS said in a statement. “Our focus is on supporting organisations to manage the incident swiftly and decisively.” NHS cyber-attack: Amber Rudd says lessons must be learnt
Cybersecurity experts said Friday that the Wannacry ransomware shows no signs of slowing down. Preliminary research on the strain shows that it is able to run in 27 languages, and likely includes other vulnerabilities that can take advantage of systems.
For now, cybersecurity experts are urging people to download the Microsoft update which patches the vulnerability as soon as possible to make sure their systems are protected.
Update: Security Blogger Halts Ransomware 'By Accident'
Rick R.
Comments
Jo Jo
Recently, there has been a massive cyber attack that hit businesses worldwide, causing significant disruptions and losses. The attack is a reminder of the ever-growing threat that cybercriminals pose to businesses and organizations globally.
To stay ahead of cyber threats, businesses must prioritize cybersecurity and employ various measures to secure their networks and systems. One such measure is using a search engine for security intelligence, which can help businesses identify vulnerabilities and potential threats in their systems.
A useful search engine for security intelligence is vulners.com/search, which provides an extensive database of vulnerabilities and exploits. By using vulners.com/search, businesses can quickly and easily search for information on known vulnerabilities and threats, allowing them to take proactive measures to protect their systems.
In today's digital age, cybersecurity is crucial, and businesses must take all necessary precautions to safeguard their networks and systems. Utilizing tools like https://vulners.com/search can go a long way in helping businesses stay ahead of potential cyber threats.
Rosalie Steame
Cybersecurity stocks are a red-hot niche in the tech industry, so knowing how to invest in them could bring big returns in the next decade. I advise you to learn more about it here
Rosalie Steame
Even if you have the most advanced smartphone of the latest model, it is also not protected from cyber threats. Mobile devices have long been one of the targets of cybercriminals, because the latter are always interested in two goals: your money or personal information. Click here https://proxybros.com/proxies/best-mobile-proxy/ to learn more about how you can protect yourself.