Global cyber attack hits hospitals and companies, threat seen fading for now
- Author: Rogelio Becker May 14, 2017,
May 14, 2017, 0:36
A spokesman for Nissan in the United Kingdom confirmed the auto manufacturer had been affected by the cyber attack, saying it was first hit at around 9pm on Friday and the incident is "ongoing".
The hunt was on for the culprits behind the assault, which was being described as the biggest-ever cyber ransom attack.
Hospitals, companies, universities and governments across almost 100 countries were hounded by a cyberattack that locked computers and demanded ransom.
The attack itself was conducted using a revised version of a known ransomware strain "WannaCry" that exploits a specific Windows bug, security experts claim, adding that Taiwan, Ukraine, and Russian Federation were among the hardest-hit targets of the attack.
Payment is demanded within three days or the price is doubled, and if none is received within seven days the files will be deleted, according to the screen message.
"We are aware that a number of NHS organizations have reported they have suffered from a ransomware attack", May said while out on the campaign trail in the UK.
"Russia as well as India were hit particularly hard, in very large part".
"The NCSC is monitoring the situation carefully, and cooperating with the HSE, with industry and with the Garda Cyber Crime Bureau", they said.
Many companies and individuals have not installed the fixes yet or are using older versions of Windows that Microsoft no longer supports and did not fix.
The attack is believed to have struck as many as 99 countries.
The malicious software appeared to exploit a vulnerability in Microsoft Windows that was supposedly identified by the US National Security Agency for its own intelligence-gathering purposes and was later leaked to the internet.
However, there have been some reports of ambulances being diverted from affected hospitals and individual NHS trusts have asked registered patients not to attend unless it is urgent. "We are still in the analysis phase".
We are implementing remediation steps as quickly as possible, it said in a statement.
French carmaker Renault was forced to stop production at sites in France, Slovenia and Romania, saying the measure was aimed at stopping the virus from spreading. The interior ministry said about 1,000 computers had been infected but it had localized the virus.
"The attack is a ransomware or cryptolocker type event, a relatively common low-level form of cyber attack usually aimed at extorting relatively small sums of money", the spokesperson said.
Germany's Deutsche Bahn computers were also impacted, with the rail operator reporting that station display panels were affected.
The security holes it exploits were disclosed several weeks ago by TheShadowBrokers, a mysterious group that has published what it says are hacking tools used by the NSA.
A young cybersecurity researcher has been credited with helping to halt the ransomware's spread by accidentally activating a so-called "kill switch" in the malicious software. The malware, or infected software that locks out legitimate users, would exit the server after the traffic was connected to the domain.
Mr Manning's comments came as Jeremy Corbyn claimed NHS computer systems had not been updated since 2001 and left vulnerable to attack after a security package was stopped in 2015. His $11 purchase of the name may have saved governments and companies around the world millions, slowing its spread before US -based computers were more widely infected.