Published: Tue, May 16, 2017
Worldwide | By Gretchen Simon

Malware fight is not over, warns Europol


Global standards should compel countries not to stockpile or exploit software vulnerabilities, Smith says.

"The governments of the world should treat this attack as a wake-up call", Smith wrote.

The attack hit scores of countries - more than 100, by some experts' count - and infected tens of thousands of computer networks. The ransomware seems to have exploited a vulnerability in Microsfot Windows that was identified by the National Security Agency and used for its own intelligence-gathering.

The investigations into the attack were in the early stages, however, and attribution for cyber attacks is notoriously hard.

He said Europol and other agencies did not yet know who was behind the attack but "normally it is criminally minded and that is our first working theory for obvious reasons".

The attack is believed to be the biggest online extortion scheme ever recorded. But no new large-scale outbreaks were reported, and British officials said a feared second wave of infections had not materialized.

Microsoft said in a blog post Saturday that it was taking the "highly unusual" step of providing the patch for older versions of Windows it was otherwise no longer supporting, including Windows XP and Windows Server 2003.

Microsoft blamed government secrecy for the rapid spread of the virus.

The code for exploiting that bug, known as "Eternal Blue", was released on the internet in March by a hacking group known as the Shadow Brokers.

The group said it was stolen from a repository of NSA hacking tools.

The NSA and Microsoft did not immediately respond to requests for comment.

"We will get a decryption tool eventually, but for the moment, it's still a live threat and we're still in disaster recovery mode", Rob Wainwright, the head of the European Union's law enforcement agency Europol, told CNN's Becky Anderson on Sunday.

Experts said it appeared that the ransomware had made just over $32,000, although they expected that number to pop when people went back into the office Monday.

In the evening, the Maharashtra Police department said it was partially hit by the ransomware.

"Guardians of the Galaxy Vol. 2" is Top Weekend Movie
DreamWorks Animation and Fox's "The Boss Baby " landed in third place with an estimated 6.2 million USA dollars. Indian film Baahubali 2 took the seventh spot. #Boxoffice results away from Guardians 2 pale in comparison.

Among the other victims is a Nissan manufacturing plant in Sunderland, northeast England.

The ransomware attack struck British National Health Service organisations, along with computer networks of companies and municipalities in dozens of other countries.

Deutsche Bahn: The German railway company told CNNMoney that due to the attack "passenger information displays in some stations were inoperative" as were "some ticket machines".

He had highlighted an incident at Papworth Hospital near Cambridge where a nurse clicked on a malicious link and malware infected her computer and started to encrypt sensitive files.

But he also placed fault in national governments.

Elsewhere in Europe, the attack hit companies including Spain's Telefonica, a global broadband and telecommunications company. In fact, security expert Professor Alan Woodward says it may have been an experiment by some relatively inexperienced hackers that took off in a way they didn't expect.

Action to increase cyber security is to be stepped up in Scotland following the ransomware attack on NHS computers. The systems were not connected to the malls' or tenants' networks.

The minister did not name the first Australian business affected by the ransomware attack, but hinted it was not "a government organisation or a hospital or anything like that".

It says universities and educational institutions were among the hardest hit, numbering 4,341, or about 15 percent of internet protocol addresses attacked.

New variants of the rapidly replicating worm were discovered Sunday.

But the attack, allegedly by Russian hackers, on the Hillary Clinton and Emmanuel Macron campaigns, which led to the leaking of several key documents and emails, have wisened political parties on the need to firm up security.

"Version 1 of WannaCrypt was stoppable but version 2.0 will likely remove the flaw".

"Just patch their systems as soon as possible", MalwareTech said.

Like this: