Cyber criminals are on move. Beware of cyber attacks. So far, 74 countries have been hit by a huge ransom ware attack and cyber criminals demanded $300 per computer.
It has disabled more than a dozen hospitals in the United Kingdom, Spain’s largest telecom company and universities in Italy as well as some FedEx computers.
Infected computers showed a screen that after seven days the files would be deleted if not paid. The largest telecommunications company in Spain reported that it has to pay close to $550,000 to unlock all the encrypted computers hit on its network.
Avast, a Czech security company that is following the fast-moving attack has recorded over 50,000 attacks globally as of Friday afternoon reported that this ransom ware is believed to be linked to an exploit, which was one of many hacking tools stolen from the NSA and published online by a group that called itself the Shadow Brokers on April 14.
NSA developed #WannaCry ‘dangerous attack tools’ – Snowden analysis of #WanaCrypt0r #WCry exploit https://t.co/KwuBdpA92T pic.twitter.com/DZScI8kbd6
— RT (@RT_com) May 13, 2017
It also mentioned that the ransomware code named WanaCrypt has been in use by criminals since at least February which is available in at least 28 languages.
“It’s very well-written code and there is no easy way to crack the encrypted files once they’re infected,” said Kurt Baumgartner, a principal security researcher with Kaspersky Lab in Moscow
Hackers behind the Wanna Decryptor virus, a type of malware, often ask users for money to retrieve access to files they have encrypted.
Sometimes called a “wormable” vulnerability, it is considered very serious because of the speed at which worms can infect and jump from system to system, said Philip Reitinger, president of the non-profit Global Cyber Alliance.
Any network with a web server online that was running an unpatched Windows 10 machine would be vulnerable, and Dillon estimates there may be as many as 2 million such machines out there.
Security experts advise to install the Microsoft fix—MS17-010—right away. Following the installation, make sure to reboot the system.
Regarding today’s ransomware nightmare, it’s very bad. Apply MS17-010 immediately, and urgently!
— Ryan Naraine (@ryanaraine) May 12, 2017
Patient’s Data At Risk
In a statement, the NHS said: “A number of NHS organizations have reported to NHS Digital that they have been affected by a ransom ware attack which is affecting a number of different organizations. The investigation is at an early stage but we believe the malware variant is Wanna Decryptor.”
“At this stage we do not have any evidence that patient data has been accessed. We will continue to work with affected organizations to confirm this.”
— gigi.h (@fendifille) May 12, 2017
East and North Hertfordshire NHS Trust, which runs four hospitals north of London, said in a statement: “Immediately on discovery of the problem, the trust acted to protect its IT systems by shutting them down; it also meant that the trust’s telephone system is not able to accept incoming calls.”
Chris Mimnagh, doctor in Liverpool, told the Guardian: “Unable to access our clinical system – as a precaution our area has severed links to the wider NHS, which means no access to our national systems, no computers means no records, no prescriptions, no results. We are dealing with urgent problems only. Our patients are being very understanding so far.”
NHS Million, a campaign which supports NHS staff and is separate from the NHS, tweeted:
We just don’t understand the mentality of some people. The only people suffering are people that need emergency care. #nhscyberattack https://t.co/Rk2rGMOLDu
— NHS Million (@NHSMillion) May 12, 2017
What is Ransom Ware?
It’s a malware designed to steal money from individuals, businesses and other organizations by holding their data hostage. And you know, it is a big business where cyber criminals demands money that range from a few hundred to thousands of dollars and are usually paid in the “virtual” currency Bit coin, which is nearly impossible to trace.
However, this is not the first time this type of attack occurred. In February 2016, L.A.’s Hollywood Presbyterian Medical Center paid a ransom of $17,000 to get its computer systems unlocked.
Here is what you can do:
1. Never click a link inside an email; instead, type the web address directly into your browser.
2. Never open an attachment unless you know the sender and what the attachment will be.
3. Don’t open sites that has pirated movies; you can get infected simply by visiting a dodgy site.
4. Just because a web site tells you to install software, don’t do it blindly.
5. It’s good to keep a backup copy of all your personal files on a separate drive or with a “cloud”-based backup service.
Beware of cyber attacks and protect yourself. If you know any other tips, please share us in the comments.