'WannaCry' ransomware attack: What we know so far

Experts said it appeared that the ransomware had made just over $32,000, although they expected that number to pop when people went back into the office Monday.

He said it was too early to say who is behind the onslaught and what their motivation was.

The 200,000 victims included more than 100,000 organizations, Europol spokesman Jan Op Gen Oorth told The Associated Press.

The hackers used the tool to encrypt files within affected computers, making them inaccessible, and demanded ransom - typically US$300 in bitcoin.

The effects were felt across the globe, with Russia's Interior Ministry and companies including Spain's Telefonica, FedEx Corp.in the US and French carmaker Renault all reporting disruptions.

Had it not been for a young cybersecurity researcher's accidental discovery of a so-called "kill switch", the malicious software likely would have spread much farther and faster that it did Friday.

"As a result, cybercriminals will continue their activity and look for new ways to exploit systems that result in more infections and more money in their accounts", Europol said in a statement.

Nonetheless, the experts say such widespread attacks are tough to pull off.

The aggressive malware, dubbed WannaCrypt, utilized a previously reported vulnerability found within the Windows operating system produced by Microsoft. "The WannaCrypt exploits used in the attack were drawn from the exploits stolen from the National Security Agency, or NSA, in the United States". Users are then asked to pay the attackers a "ransom" to regain control, but Mr MacGibbon said businesses were better off relying on their backups if they have them.

Called WannaCry or WannaCrypt, the ransomware program is spread by taking advantage of a Windows vulnerability that Microsoft released a security patch for in March.

"That's what makes this more troubling than ransomware was a week ago", Thakur said.

Microsoft has already released a patch for the latest Windows 10 operating system which is mandatory to download.

Chinese media reported that more than 29,000 institutions in the country had been struck by Saturday evening, with universities and other educational entities the hardest hit, along with railway services and retailers.

It is unclear whether MalwareTech's tracker is counting each query to the domain - which would include people simply navigating to the website out of curiosity - or whether it has filtered for actual infections.

Special adviser to the Prime Minister on Cyber Security Alastair MacGibbon said the first thing Australians should do when they get in to work on Monday is update their Microsoft software. But some experts have argued this attack could have been vastly mitigated if the NSA told Microsoft sooner.

"This attack is a powerful reminder that information technology basics like keeping computers current and patched are a high responsibility for everyone, and it's something every top executive should support", said Smith. "But there's clearly some culpability on the part of the US intelligence services".

"They have been working I know through the night nearly to make sure patches are in place to make sure that hopefully the NHS services can get back to normal", he told BBC radio.

Recommended News

  • Mourinho Praises Rashford After Celta Vigo Win

    Mourinho Praises Rashford After Celta Vigo Win

    Manchester United manager Jose Mourinho pledged to rest a host of first-team regulars for Sunday's Premier League showdown at Arsenal as he believes his side have missed their chance to claim a top-four finish.

    Australian banks lick wounds after tax hit

    NAB chief executive Andrew Thorburn said it is not possible to impose a tax without an impact on people. The head of the Australian Bankers' Association called the levy "a direct attack on jobs and growth".

    Government activates mechanism to prevent cyber attack

    The attackers will likely modify their code to remove the somewhat silly error or mistake, and restart their ransomware campaign. Microsoft blamed the USA government for "stockpiling" the software code that was used by unknown hackers to launch the attacks.
  • #RWC2019: Springboks to face All Blacks in pool stages

    Twelve teams were included in yesterday's draw in Kyoto by virtue of finishing in the top three of their groups in 2015. In the other pools, there will be heavyweight battle between New Zealand and South Africa in Pool B .
    Sturgeon: SNP 'vital' to protect Scotland from dangers of Tory government

    Sturgeon: SNP 'vital' to protect Scotland from dangers of Tory government

    Ms Sturgeon said: "I'm over the moon that we are the largest party in Glasgow and are about to form an administration in the city. Tory deputy leader Jackson Carlaw said: "Her position on Europe has descended into complete chaos".
    Pakistan assisted escape of Indian soldiers' attackers, alleges Arun Jaitley

    Pakistan assisted escape of Indian soldiers' attackers, alleges Arun Jaitley

    This comes after the Defence Minister Arun Jaitley said Islamabad's denials carried no credibility. Pakistan had yesterday sought from India “actionable evidence” to back its claim on the issue.
  • Hot Stock for Investors: Synchrony Financial (SYF)

    To gauge your chances of picking a winning stock, take a close look at its fundamentals, especially its earnings-per-share growth. The company has been one of the biggest innovators in "Credit Services" employing approximately 15000 full time employees.
    Ransomware Attack Hits 200000 Targets in 150 Countries

    Ransomware Attack Hits 200000 Targets in 150 Countries

    It was, after all, the NSA that exploited vulnerabilities for its own purposes without informing Microsoft. The attack mostly impacted computers in Europe and Asia and for the most part spared North America.

    Maxim Group Indicated Teva Pharmaceutical (NYSE:TEVA) As 'Hold'

    The Company is engaged in developing, producing and marketing generic medicines and a portfolio of specialty medicines. On average, equities analysts expect that Teva Pharmaceutical Industries Ltd will post $4.80 EPS for the current year.
  • Extending Oil Output Cuts Will Stabilise Prices, Says Putin

    Extending Oil Output Cuts Will Stabilise Prices, Says Putin

    "With these two countries behind the extension of the accord, chances are very high that they will get all of OPEC behind it". Oil prices jumped over 1.5 percent on Monday after the Saudi-Russian statement.
    Alphabet's Waymo Unite With Lyft to Manufacture Self Driven Cars

    Alphabet's Waymo Unite With Lyft to Manufacture Self Driven Cars

    District Judge William Alsup in San Francisco also said that Uber must promptly return stolen confidential files to Waymo. The following August, Uber bought Ottomotto for $680 million and hired Levandowski to lead its self-driving auto efforts.
    Massive ransomware cyber attack reported worldwide

    Massive ransomware cyber attack reported worldwide

    Germany's Deutsche Bahn computers were also impacted, with the rail operator reporting that station display panels were affected. The companies and government agencies targeted were diverse.

We are pleased to provide this opportunity to share information, experiences and observations about what's in the news.
Some of the comments may be reprinted elsewhere in the site or in the newspaper.
Thank you for taking the time to offer your thoughts.