15 hours ago
Saturday, May 13, 2017
"Unprecedented" Cyberattack Hits Thousands of Computers In 99 Countries
A massive cyberattack has hit at least 75,000 computers in 99 countries in the past few days. Described as "unprecedented" in scale, the attacks have been infecting both individuals and institutions from home computers to government agencies to businesses to hospitals. In Great Britian alone, at least 48 hospitals, clinics, and other health institutions were affected. Although some surgeries were postponed, there are no reports of deaths yet related to the hacking.
Reports of the malware, called "WannaCry" began coming in on Friday. What happens io infected computers is the files are locked and a picture appears on the screen demanding $300 US dollars worth of Bitcoin within three days for the key to unlock the computer. Unlike typical malware attacks that rely on tricking computer users into opening email attachments or clicking on links, WannaCry is a worm that attacks computers through active online connections through vulnerabilities in system software. WannaCry locks up files, looks for other vulnerable computers to infect, then deletes itself. Most computer experts recommend treating the files as lost, with only the backup files on external hard drives, if any, as recoverable. It is not recommended that people pay the criminals as in past cases of ransomware, the criminals almost never provided any key to recover lost files. It is believed that the reason Bitcoin is the method of payment demanded is because it's transactions can't be traced.
In an ironic twist, the worm may be based on a spyware tool created by the NSA to snoop on people's computers, designed to take advantages of vulnerabilities in Windows software that it had discovered. The program was leaked in April by computer hackers whom had discovered it. The agency will neither confirm or deny their program had anything to do with WannaCry. A lawyer for the American Civil Liberties Union called this "deeply troubling," saying the NSA should have notified Microsoft of the vulnerabilities instead of taking advantage of them, "These attacks underscore the fact that vulnerabilities will be exploited not just by our security agencies, but by hackers and criminals around the world. Patching security holes immediately, not stockpiling them, is the best way to make everyone's digital life safer." Others put the blame less on the NSA and more on institutions for being too slow to update systems, the attack happening two months after Microsoft had a patch available.
One British computer security blogger halted one strain of the malware by accident. Known as "Malware Tech," he decided to investigate the attack, and after an all-night session noticed the strain was trying to contact a specific web address every time it infected a new system. Seeing it was unregistered, he bought it for eight Pounds ($10.69 USD) to see where the attacks were happening. But in doing se, he accidentally triggered a "kill switch" for the strain. But there are still other strains of the worm out there.
A reminder that the computer world is full of dangers.
Sources: BBC, Arstechnica, Nerdgasm