WannaCry could encourage new hackers
NEW YORK: The danger from a global cyberattack that spread to more than 150 nations continues to fade, and that’s only some of the good news.
After two security researchers greatly slowed down that attack, which effectively held people’s documents, photos and other digital files hostage, hard-hit organisations, such as the United Kingdom’s National Health Service, seem to be bouncing back.
The attack, however, served as a live demonstration of a new type of global threat, one that could encourage future hackers.
Here’s what we know about the ransomware known as WannaCry, which locked up digital photos, documents and other files to hold them for ransom.
WHERE IT CAME FROM
Researchers were puzzling out how WannaCry started. Figuring that out could yield important clues to the identity of its authors. The malware spread rapidly inside computer networks by taking advantage of vulnerabilities in mostly older versions of Microsoft Windows. That weakness was purportedly identified and stockpiled for use by the United States National Security Agency; it was subsequently stolen and published on the Internet. But it remained unclear how WannaCry got onto computers in the first place.
Analysts at the European Union cybersecurity agency said the hackers likely scanned the Internet for systems that were vulnerable to infection and exploited those computers remotely.
Once established, WannaCry encrypted computer files and displayed a message demanding between US$300 and US$600 (RM1,300 and RM2,600) worth of the digital currency bitcoin to release them. Failure to pay would leave the data scrambled and likely beyond repair unless users had unaffected backup copies.
RANSOM PAYMENTS
Investigators were monitoring three bitcoin accounts associated with WannaCry, where its victims were directed to send ransom payments. So far, there had been no withdrawals from those accounts, which received only about 250 payments worth about US$72,000.