Nations battle unprecedented wave of cyber ransom attack
’BIGGEST EVER’ Over 100 countries hit, 22yearold accidentally finds way to slow spread of virus
LONDON: Cyber security experts rushed to restore systems on Saturday after an unprecedented global wave of cyber attacks that struck targets in more than 100 countries and the effect of which was felt particularly hard in India, reports said.
The hunt was on for the culprits behind the assault, which was being described as the biggest cyber ransom attack ever.
State agencies and major companies around the world were left reeling by the attacks which blocked access to files and demanded ransom money, forcing them to shut down their computer systems.
“The recent attack is at an unprecedented level and will require a complex international investigation to identify the culprits,” said Europol, Europe’s policing agency.
The attacks, which experts said affected dozens of countries, used a technique known as ransomware that locks users’ files unless they pay the attackers a designated sum in the virtual Bitcoin currency.
Mikko Hypponen, chief research officer at the Helsinkibased cyber security company F-Secure, told AFP that the attack was “the biggest ransomware outbreak in history”, saying that 130,000 systems in more than 100 countries had been affected.
He said that Russia and India were hit particularly hard, in large part because the older Windows XP operating software is still widely used in the countries.
The attacks apparently exploited a flaw exposed in documents leaked from the US National Security Agency (NSA).
Some experts said the threat had receded for now, in part because a 22-year-old Britishbased researcher, identified online only as MalwareTech, registered a domain that he noticed the malware was trying to connect to, and so limited the worm’s spread. “We are on a downward slope, the infections are extremely few, because the malware is not able to connect to the registered domain,” said Vikram Thakur, principal research manager at Symantec.
“The numbers are extremely low and coming down fast.”
But the researcher told The Guardian that this would not last. “This is not over. The attackers will realise how we stooped it, they’ll change the code and then they’ll start again.”
He urged Windows users to update their systems and reboot.
On Saturday, Microsoft took the unusual step of making security fixes available for free for older Windows systems, which are still used by millions of individuals and smaller businesses.
The attacks hit a whole range of organisations and businesses worldwide.
French carmaker Renault was forced to stop production at sites in France and Slovenia, saying the measure was aimed at stopping the virus from spreading.
In the US, package delivery group FedEx acknowledged it had been hit by malware and said it was “implementing remediation steps as quickly as possible.”
Russia’s interior ministry said that some of its computers had been hit by a “virus attack” and that efforts were underway to destroy it. The country’s central bank said the banking system was hit, and the railway system also reported attempted breaches. Russia’s largest bank Sberbank said its systems “detected in time attempts to penetrate bank infrastructure”.
Germany’s Deutsche Bahn computers were also impacted, with the rail operator reporting that station display panels were affected.