14 May, 2017
Teams of technicians worked around the clock Saturday to restore Britain's crippled hospital network and secure the computers that run factories, banks, government agencies and transport systems in other nations after a global cyberattack.
More than 75,000 computers in 99 countries were compromised in Friday's attack, with a heavy concentration of infections in Russian Federation and Ukraine, according to Dutch security company Avast Software BV.
Cyber extortionists have tricked victims into opening malicious malware attachments to spam emails that appeared to contain invoices, job offers, security warnings and other legitimate files.
Britain's opposition Labour Party said the attack on English hospitals showed the need to place cyber security at the heart of government policy.
The Russian Interior Ministry confirmed it was among those that fell victim to the "ransomware" - software that locks up a computer and typically flashes a message demanding payment to release the user's data.
French carmaker Renault's assembly plant in Slovenia halted production after it was targeted.
Germany's national railway said Saturday departure and arrival display screens at its train stations were affected, but there was no impact on actual train services.
Europol said a special task force at its European Cybercrime Centre was "specially created to assist in such investigations and will play an important role in supporting the investigation".
Some experts said the threat had receded for now, in part because a British-based researcher, who declined to give his name, registered a domain that he noticed the malware was trying to connect to, and so limited the worm's spread.
"When we say that the health ministry was attacked you should understand that it wasn't the main server, it was local computers. actually nothing serious or deadly happened yet", German Klimenko, a presidential adviser, said on Russian state television. The researcher in Britain widely credited with foiling the ransomware's proliferation told Reuters he had not seen any such tweaks yet, "but they will (happen)". G7 finance ministers meeting in Italy discussed the attacks and were expected to commit to stepping up worldwide cooperation against a growing threat to their economies. State agencies and major companies around the world were left reeling by the attacks, which blocked access to files and demanded ransom money, forcing them to shut down their computer systems. (Atentado, Estados Unidos) EFE/EPA/RITCHIE B.
"Affected machines have six hours to pay up and every few hours the ransom goes up", said Kurt Baumgartner, the principal security researcher at security firm Kaspersky Lab. "Things could likely emerge on Monday" as staff return to work.
But the US Department of Homeland Security's computer emergency response team said it was aware of ransomware infections "in several countries around the world". Britain canceled or delayed treatments for thousands of patients, even people with cancer. In a statement, FedEx said: "Like many other companies, FedEx is experiencing interference with some of our Windows-based systems caused by malware".
Elsewhere in Europe, the attack hit Spain's Telefonica, a global broadband and telecommunications company, and knocked ticketing offline for Norway's IF Odd, a 132-year-old soccer club.
The hardest hit in Friday's attack were United Kingdom hospitals that had to revert to using pens, paper, and the staff's own mobile phones to tend to their patients.
The ransomware appeared to exploit a vulnerability in Microsoft Windows that was purportedly identified by the US National Security Agency (NSA) for its own intelligence-gathering purposes and was later leaked to the internet.
"Because WannaCrypt used a single hardcoded domain, my registration of it caused all infections globally to believe they were inside a sandbox. thus we initially unintentionally prevented the spread", the researcher said, humbly and anonymously, in his blog post. Microsoft swiftly announced that it had already issued software "patches" to fix those holes, but many users haven't yet installed updates or still use older versions of Windows. Here's how to turn automatic updates on.
