WANNACRY ATTACK: NHS, major organisations left reeling by co-ordinated hack

 

Winnipeg – VIJAY SHAH via Winnipeg Free Press and ReportCA.net

Several of the United Kingdom’s National Health Service trusts, as well as numerous large companies across the globe are still recovering from a large-scale ‘unprecedented’ ransomware cyber attack which occurred this weekend, ReportCA.net wrote yesterday.

The ‘cyberextortion’ attack, which involved hackers accessing computers via phishing emails, and locking systems and encrypting company data, also affected numerous firms engaged in the manufacturing, finance and transport sectors. Government agencies were also caught up in the debacle. Technicians at the NHS, which offers subsidised healthcare in the U.K., scrambled to limit the spread of the ransomware, which caused problems with accessing patient data and hospital appointments, among other things. Many companies ordered their employees to disconnect their workstations from the Internet and to avoid opening emails from unfamiliar sources.

Such was the scale of this weekend’s mass attack, Microsoft was moved into changing its cybersecurity policy, making free of charge updates and patches for computers running older packages such as Windows XP, which many small and medium enterprises still rely on, due to the expense of system upgrades or lack of technical knowledge and ICT skills.

 

 

 

Apart from the NHS, Spain’s Telefonica and Iberdrola also reported computers being targeted. The German national railway Deutsche Ban was another victim. ReportCA.net published a photo taken by an eyewitness at Chemnitz rail station, showing a display board for train times. The screen was partly obscured by a red and white pop-up with a padlock logo, a sight reported by other victims of the attack. The hackers locked out users and demanded payment in bitcoin currency to release encrypted data. Other victims included the Russian Interior Ministry, the country’s mobile phone operators MTS and MegaFon, French car maker Renault, and football clubs in Europe. One long-established club, IF Odd, said Saturday that its online ticketing service was crippled by the ransomware.

The British home secretary Amber Rudd said that one in five of her country’s 248 NHS trusts, which manage hospitals and patient services above general practitioner level, had been hit. Thousands of patient appointments and operations, including for serious conditions, were cancelled, as medical staff were frozen out of their databases and systems. According to Rudd, 48 trusts were affected, but quick reaction times by their ICT departments meant that as of yesterday, only six were still reporting issues. The National Cyber Security Centre also stepped in to mitigate the impact of the attack.

Cybersecurity officials urged both individuals and companies to ensure they regularly update their anti-virus and security systems, enact security updates if they are Windows users and to back-up data on a separate server or in the cloud.

The source of the attack is as yet unknown, although Russian and Chinese hackers have targeted companies and governmental agencies in the West in past years. Two cybersecurity firms, Avast and Kaspersky Lab, have said that the ransomware attacked PCs in 70 countries, with Russia the most affected. There have been reports that the hackers used the WannaCry ransomware program, said to have been based on spying technology utilised by America’s NSA (National Security Agency). More than 36,000 infections were detected by yesterday. It is reported that the hackers behind ‘WannaCry’ stole the hacking tools from the NSA, which created the tool to exploit a loophole in Microsoft’s Windows operating system.

Ori Eisen, founder of Trusona cybersecurity firm in Scottsdale, Arizona, USA, warned that the WannaCry attack is just the beginning and another more advanced attack could have serious and potentially lethal implications. Speaking with the Associated Press news agency, Eisen said: This is child”s play, what happened. This is not the serious stuff yet. What if the same thing happened to 10 nuclear power plants, and they would shut down all the electricity to the grid? What if the same exact thing happened to a water dam or to a bridge?” he asked.

“Today, it happened to 10,000 computers,” Eisen said. “There”s no barrier to do it tomorrow to 100 million computers.”

Intranational policing agency Europol described the attack as at “an unprecedented level and will require a complex international investigation to identify the culprits.”

The onslaught of WannaCry was successfully halted after a 22-year-old British cybersecurity researcher, known only by his or her tag ‘MalwareTech’ accidently stumbled across a ‘kill switch’ that disabled the ransomware. By entering a nonsensical domain name, MalwareTech was able to stop the malware spreading further. He or she purchased the domain name for around £9, yet this quick thinking decision saved companies millions in potential damage control. The kill switch only worked for those not affected however, and many organisations who were already hit were forced to pay the ransom demand or call up emergency data stocks.

SOURCES:

HEM Newsbreakers, HEM News Agency, Twitter, Twitter Inc. https://twitter.com/halfeatenmind/lists/hem-newsbreakers

Report 24 Canada, Twitter, Twitter Inc. https://twitter.com/Report24CA

“Unprecedented global “ransomware” attack seeks cash for data” – Winnipeg Free Press via ReportCA.net (13 May 2017) https://reportca.net/2017/05/unprecedented-global-ransomware-attack-seeks-cash-for-data/

IMAGE CREDIT:

“File:Wana Decrypt0r screenshot.png” – WannaCry via SecureList, Wikimedia Commons (12 May 2017) https://commons.wikimedia.org/wiki/File:Wana_Decrypt0r_screenshot.png

 

Advertisements