WASHINGTON: Nearly hundred countries, including India, were hit by what is believed to be the biggest-ever recorded cyberattack that used “cyber weapons” stolen from the US’ National Security Agency to lock up computers and hold users’ files for ransom.
The cyber attack was first reported from Sweden, Britain and France, US media outlets reported.
An increase in activity of the malware was noticed yesterday, security software company Avast reported, adding that it “quickly escalated into a massive spreading”. Within hours, over 75,000 attacks were detected worldwide, the company said. Meanwhile, the MalwareTech tracker detected over 100,000 infected systems over the past 24 hours. Security researchers with Kaspersky Lab have recorded more than 45,000 attacks in 99 countries, including the UK, Russia, Ukraine, India, China, Italy, and Egypt. In Spain, major companies including telecommunications firm Telefonica were infected. The most disruptive attacks were reported in the UK, where hospitals and clinics were forced to turn away patients after losing access to computers. The US Computer Emergency Readiness Team (USCRT) under the Department of Homeland Security said it has received multiple reports of WannaCry ransomware infections in many countries around the world. The ransomware is a type of malicious software that infects a computer and restricts users’ access to it until a ransom is paid to unlock it. It demands users pay USD 300 worth of cryptocurrency Bitcoin to retrieve their files, though it warns that the payment will be raised after a certain amount of time. The malware spreads through e-mail. Individuals and organisations are discouraged from paying the ransom, as this does not guarantee access will be restored, the USCERT said. According to it, ransomware spreads easily when it encounters unpatched or outdated software. It was believed to the biggest attack of its kind. A Microsoft spokeswoman said that the company was aware of the reports and was looking into the situation. According to The Wall Street Journal, the malware believed to be behind the attacks, encrypts data on infected computers and essentially holds it for ransom. “Known as WannaCry or Wanna Decryptor, the so-called ransomware programme homes in on vulnerabilities in Microsoft Windows systems,” the daily said. In a statement, international shipper FedEx said it has been badly hit by the cyber attack. “Like many other companies, FedEx is experiencing interference with some of our Windows-based systems caused by malware. We are implementing remediation steps as quickly as possible,” it said. “This event should serve as a global wake-up call the means of delivery and the delivered effect is unprecedented,” Rich Barger, the director of threat research at security firm Splunk, said in a separate statement. The Department of Homeland Security (DHS) said it is actively sharing information related to this event and stands ready to “lend technical support and assistance as needed to our partners, both in the United States and internationally”. The DHS has a cadre of cyber security professionals that can provide expertise and support to critical infrastructure entities, it said in a statement. The malware was made available online on April 14 through a dump by a group called Shadow Brokers, which claimed last year to have stolen a cache of “cyber weapons” from the National Security Agency (NSA). At the time, there was scepticism about whether the group was exaggerating the scale of its hack. Former NSA contractor Edward Snowden blamed the NSA for not preventing the global cyber attack. “Despite warnings, (NSA) built dangerous attack tools that could target Western software,” Snowden said. “Today we see the cost”. “If @NSAGov had privately disclosed the flaw used to attack hospitals when they *found* it, not when they lost it, this may not have happened,” he said. Some cyber security experts and privacy advocates said the massive attack reflected a flawed approach by the US to dedicate more cyber resources to offence rather than defence, a practice they argued makes the internet less secure. Experts have been working round-the-clock to restore IT systems of Britain’s National Health Service (NHS) after they were hit by the large-scale cyber-hack by an international criminal gang that wreaked havoc around the globe. With nearly 45 NHS organisations from London to Scotland hit in the “ransomware” attack yesterday, patients of the state-funded countrywide service are facing days of chaos as appointments and surgeries have been cancelled. An Indian-origin doctor based in London had warned against the cyber-hack of the NHS just days before it crippled the country’s network. Dr Krishna Chinthapalli, a neurology registrar at the National Hospital for Neurology and Neurosurgery in London, had warned that an increasing number of hospitals could be shut down by ransomeware attacks in an article on the vulnerability of the NHS network in the ‘British Medical Journal’ on Wednesday, two days before the major cyber-hack. He had highlighted an incident at Papworth Hospital near Cambridge where a nurse clicked on a malicious link and malware infected her computer and started to encrypt sensitive files.—PTI