By: Ahmad Abu el-Hamd
On Friday, dozens of countries were hit with a huge ransomware attack that locked up computers and held users’ files for ransom at a multitude of hospitals, companies and government agencies. It was believed to be the biggest attack of its kind.
The malicious software behind the onslaught appeared to exploit a vulnerability in Microsoft Windows that was supposedly identified by the National Security Agency for its own intelligence-gathering purposes and was later leaked to the internet.
Britain’s national health service fell victim, its hospitals forced to close wards and emergency rooms and turn away patients. Russia appeared to be the hardest hit, according to security experts, with the country’s Interior Ministry confirming it was struck.
All told, several cyber security firms said they identified the malicious software, which so far has been responsible for tens of thousands of attacks, in more than 60 countries. That includes the United States, although its effects there didn’t appear to be widespread, at least initially.
Mikko Hypponen, chief research officer at the Helsinki-based cyber security company F-Secure, called the attack “the biggest ransomware outbreak in history.” Security experts said the attack appeared to be caused by a self-replicating piece of software that enters companies and organisations when employees click on email attachments, then spreads quickly internally from computer to computer when employees share documents and other files.
Its ransom demands start at $300 and increase after two hours to $400, $500 and then $600, said Kurt Baumgartner, a security researcher at Kaspersky Lab. Chris Wysopal of the software security firm Veracode said criminal organisations were probably behind the attack, given how quickly the malware spread.
Microsoft announced that it had already issued software “patches”. But many companies and individuals haven’t installed the fixes yet or are using older versions of Windows that Microsoft no longer supports and didn’t fix.
By Kaspersky Lab’s count, the malware struck at least 74 countries. In addition to Russia, the biggest targets appeared to be Ukraine and India, nations where it is common to find older, un-patched versions of Windows in use, according to the security firm.
Spain, meanwhile, took steps to protect critical infrastructure in response to the attack. Authorities said they were communicating with more than 100 energy, transportation, telecommunications and financial service providers about the attack. Ransomware attacks are on the rise around the world.
It is worth nothing that in 2016, Hollywood Presbyterian Medical Centre in California said it had paid a $17,000 ransom to regain control of its computers from hackers.