By Dani Graham
Almost 100 countries around the world are dealing with the aftermath of a global cyberattack which hijacked the files of some 100,000 computers.
The ransomware called WanaCrypt0r 2.0 infiltrates a computer and locks up the files by encrypting them which in turn renders it useless to the user. As people around the world went to access their computers they were met with a dire message demanding 300 in bitcoins in order to regain control of their files.
Researchers have detected the ransomware in 99 countries with Russia getting hit the hardest. Ukraine, India, and Taiwan were also been targeted along with U.K. hospitals, Chinese Universities, FedEx, automakers Renault and Nissan as well as German railways.
This cyberattack took on a more sadistic turn as human lives were put at risk with its assault on 48 of the 248 NHS trusts in the United Kingdom. Doctors in hospitals and other medical facilities were unable to access patient files causing emergency rooms to have to divert patients and numerous surgical procedures needed to be postponed.
The virus spreads through a weakness in Windows called EternalBlue. Although Microsoft released a patch last month only those who installed the latest Windows security update were safe from the attack.
This ransomware travels the internet through vulnerable computers where one needs not even click on a link to fall prey to the malicious malware.
Although it appears that money was the motivation behind the cyberattack it is not yet clear if there may be a more sinister reason. Cyber security expert, Robert Pritchard said, “Ransomware attacks happen every day – but what makes this different is the size and boldness of the attack,”.
The attackers included a kill switch in order to disable the malware in the event they wanted to stop their attack. To accomplish this they have the coded virus send a request to a website they created. A website they failed to register and when a British researcher discovered their oversight he decided to buy it himself. In a stroke of luck when the 22 yr old made the site go live it shut down the attack.
Although the young man whose Twitter handle is @MalwareTechBlog asked to remain anonymous he is the inadvertent hero who saved other countries, including the United States, from being affected.
Could this attack have been averted?
Last month hackers known as Shadow Broker did a data dump of hacking tools suspected to have come from the NSA. It is believed that one of those hacking tools were involved in this newest widespread global cyberattack. In order to be able to create a hacking tool for Windows, the vulnerability would have to have been detected long before.
Edward Snowden, a former employee of the CIA and government contractor known for leaking classified information used his Twitter account to suggest that the NSA could have prevented the attack if they had made Microsoft aware of susceptibility of Windows.
— Edward Snowden (@Snowden) May 12, 2017
How to protect yourself
Since it is not yet known who is behind the attack or if it is over a global effort is underway to minimize the damage. While those who’ve already been hit by this attack may never regain access to their files you can protect yourself by downloading the newest Windows security update as well as any subsequent updates.