Press. voanews.com
An aggressive
wave of cyberattacks has hit companies and public institutions around the
globe, causing international havoc and bringing many services to a standstill.
The cyberextortion attempt appeared to use stolen software developed by a U.S.
spy agency.
One of the first
and worst attacks was aimed at Britain’s National Health Service. A wave of
crippling ransomware hit dozens of hospitals across the country Friday, prompting
the NHS to declare a “major incident.” Some hospitals diverted ambulances and
canceled surgeries as a result of the attack, which blocked doctors’ access to
patients’ files.
Ransomware is a
type of computer malware, software that has a malevolent intent, that infects a
target system, locks and encrypts all files, and then demands a cash payment
from the victim in return for reversing the encryption.
A researcher at
the Finnish cybersecurity company F-Secure said Friday’s apparently coordinated
attacks were “the biggest ransomware outbreak in history,” The Associated Press
reported. An analyst at another cybersecurity firm, Veracode, said the rapid
spread of attacks pointed to the involvement of criminal organizations.
45,000 attacks
in 74 countries
The
international cybersecurity firm Kaspersky Labs, based in Russia, said it
recorded 45,000 attacks in 74 countries. The worst hit by far was Russia, with
serious problems also reported by computer networks in Taiwan, India and
Ukraine.
The Russian Interior
Ministry, which oversees police throughout the world’s largest country, at
first denied it had been hacked, but later admitted about a thousand of its
computers had been penetrated. There was no immediate word on who carried out
the cyberattacks, and it was not known whether any of the victims paid any
ransom Friday.
The demands
reportedly were for relatively trivial sums — the equivalent of $300, paid in
bitcoin, a digital currency. But in past attacks, the payment demands
multiplied to much larger sums in short order. Bitcoin payments can be
difficult if not impossible to trace.
The ransomware
used Friday was labeled with various names — WannaCryptOr, WannaCry or WCry —
but all appeared to operate in a similar way. They gained entry to targeted
computer systems by exploiting a vulnerability in Microsoft computer operating
systems that was discovered and developed by the U.S. National Security Agency.
The security
hole, known as “EternalBlue,” was stolen from U.S. government computers and
disclosed on the internet earlier this year by a group known as
TheShadowBrokers.
Microsoft fixed
problem in March
Microsoft issued
software patches to close the vulnerability in its operating systems two months
ago, but many computer systems around the world have not yet been updated, or
instead rely on older equipment that remains vulnerable to attack.
Security experts
said the ransomware encountered Friday is a self-replicating piece of software
that spreads from computer to computer as it finds systems that have not been
shielded from intrusion. The malware enters large organizations’ computer
networks, such as those at British hospitals, when an employee clicks on an
innocent-appearing attachment to open the file, and thus releases the
ransomware.
British Prime
Minister Theresa May said it was clear that her nation’s problems were part of
a wider international attack that had many victims.
China also was
targeted by the unknown computer hackers, and the U.S. parcel delivery firm
FedEx said its operations were hit. In Spain, telecommunications giant
Telefónica was one of the early victims, and employees of MegaFon, one of the
largest cellphone companies in Russia, said they also were hit.
NSA technique
used
Computer experts
said the ransomware did not to appear to be very sophisticated, but the way in
which it spread, using the intrusion technique developed by NSA, clearly was.
They noted the ransom demands that flashed onto users’ screens were in dozens
of languages, indicating the attack had been well planned and coordinated.
Ransomware
attacks and other computer intrusions, such as the hacking incident that
unfolded in France last week on the eve of that country’s presidential
election, are on the rise throughout the world. Last year, a hospital in Los
Angeles, California, said it paid a $17,000 ransom to regain control of its
computers from hackers.