Dozens of countries were hit with a huge cyberextortion attack Friday that locked up computers and held users' files for ransom at a multitude of hospitals, companies and government agencies. By Robert Hutton, Jeremy Kahn and Jordan Robertson.
Its ransom demands start at 300 dollars and increase after two hours to 400, 500 and then 600 dollars, said Kurt Baumgartner, a security researcher at Kaspersky Lab.
Two security firms - Kaspersky Lab and Avast - said they had identified the malicious software behind the attack in upward of 70 countries, although both said the attack has hit the Russian Federation hardest.
The ransomware makes use of a security hole that Microsoft patched in March.
A hacking group called Shadow Brokers released the malware in April, claiming to have discovered the flaw from the NSA, Kaspersky said. That connection has given critics of U.S. hacking ammunition for their argument that governments finding flaws in commercial technologies and keeping them secret for the purpose of exploiting them can carry a public risk.
The organisations most affected by the attack are health services, utility companies, universities and more. "It is past time for [the US] Congress to enhance cybersecurity by passing a law that requires the government to disclose vulnerabilities to companies in a timely manner". They may have already cost people's lives.
The ransomware virus is spreading across Microsoft Windows-based machines, from Windows Server 2008 to Windows 10. Patients were asked not to come to hospitals unless it was an emergency.
EXPERTS are working to disrupt an unprecedented global cyber attack which has crippled NHS services and hit auto manufacturer Nissan. Two big telecom companies, Telefónica of Spain and Megafon of the Russian Federation, were also hit.
Home Secretary Amber Rudd has said patient data does not appear to have been accessed, but 48 of the 248 NHS England trusts and 13 NHS Health Boards in Scotland were affected, causing health service work to be delayed or cancelled.
She said there is no evidence that NHS patient records have been compromised.
She added: "Where the patient data has been properly backed up, which has been in most cases, work can continue as normal because the patient data can be downloaded and people can continue with their work".
"This is a virus that attacked Windows platforms".
The ransomware encrypts data on the computer using an encryption key that only the attacker knows.
The national railway system said that although it was attacked, rail network operations were unaffected. "Seeing businesses and individuals affected by cyberattacks, such as the ones reported today, was painful".
The ransomware is affecting those users who have not updated their systems to the latest patch released by Microsoft.
While Friday's attack could damage the reputation of Microsoft's security, the damage is likely to be limited, said Sid Parakh, a fund manager at Becker Capital Management, which owns Microsoft stock.
"For so many organizations in the same day to be hit, this is unprecedented", he said.
"Looking at the trends, it was going to happen", he said. But Microsoft has "been in a worse state in the past". In 2016, Hollywood Presbyterian Medical Center in California said it had paid a $17,000 ransom to regain control of its computers from hackers. There have been several incidents in the U.S., including one in Indiana where a hospital's IT system was taken down and patients had to be diverted to other facilities, according to a local news report. Experts suggested Saturday that the ransomware's progress had been halted, but new attacks could soon follow. These types of attacks accounted for 72% of all the malware incidents involving the healthcare industry in 2016, according to Verizon. The cyberattack, he said, could cause a major backlog in referrals.
He said many NHS hospitals in Britain use Windows XP software, introduced in 2001, and as government funding for the health service has been squeezed, "IT budgets are often one of the first ones to be reduced". As fast as they try to plug vulnerabilities, the hackers manage to stay one step ahead of them.