Fears mount over even worse ransomware virus strikes
THE COMPUTER virus that spread rapidly across the world is still making its way to more companies and countries – but is gradually slowing down.
However, this software doesn’t appear to be vulnerable to the same ‘kill switch’ that stopped the similar Wannacry virus just weeks ago, and so is likely to continue to travel around the world.
The attack appeared to have started in Ukraine and then made its way across Europe, hitting the world’s biggest advertising company in Britain, and Danish international Maersk. It then continued to spread, arriving in the US, and then in Asia.
Companies that were affected were told to contain and fix the problem. But in many places, they are failing – advising staff only to shut off their machines and do as much as they can without electronic help.
The software – which is going by different names – locks down computers and asks for a US$300 (RM1,289) ransom in the form of bitcoin to make it work again.
It’s no longer possible to pay that ransom, and most companies are instead trying to restore their computers from old backups.
The virus itself appears to be an updated version of a known virus, that fixes many of the ways it had been stopped in the past.
SDRAM Storage: 1 TB HDD
As such, while researchers have developed a ‘vaccine’, it is more difficult to contain the problem and to restore systems that have already been affected.
The software is being referred to as GoldenEye, and is thought to be a more advanced version of the malware known as Petya.
It uses an exploit known as EternalBlue, which was apparently developed by the US National Security Agency (NSA) and was the same flaw that let the disruptive Wannacry virus into computers across the world – including those across the NHS, which was brought to its knees by the virus.
That time, the problem was stemmed by an accidental hero who found that the software had a ‘kill switch’ built into it, which he was able to trigger and stop any further spread of the virus.
This version of the software appears to be more advanced and harder to stop – leading to fears that it could be even worse than Wannacry.
That ransomware appeared to have originated in the UK and Spain, before rapidly spreading across the world. It hit more than 200,000 victims in 150 countries before it was slowed down.
Those who patched their computers to keep them safe from that attack may still be vulnerable to the new one, experts suggested, because in changes to the way it worked.
Following the recent WannaCry incident, some of the blame was directed at the US Central Intelligence Agency (CIA) and the NSA, who were accused of ‘stockpiling’ software code which could be exploited by hackers.
Dr David Day, a senior lecturer in cyber security at Sheffield Hallam University, said he believed the latest attack is the “tip of the iceberg” and said he is frustrated at how it has been able to unfold.
He said: “Basically, what they (the NSA) have done is they have created something which can be used as a weapon, and that weapon has been stolen and that weapon is now being used.
“And I think it underlines the whole need for debate over privacy versus security.”
Companies across the world that aren’t affected are being urged to ensure that their computers are up to date and their security systems are running properly to stop any further spread. – The Independent