ransomware
May 15, 2017 by

Ransomware Epidemic Hits 99 Countries

 An unprecedented ransomware cyberattack that researchers believe was developed using tools stolen from the National Security Agency (NSA) has struck tens of thousands of computers around the world.

The world witnessed the first ever sweeping cyberattack of its kind on Friday, when a strain of ransomware, now known as ‘WannaCry’, along with other variants of that name, struck number of organizations around the world.

In the UK, the National Health Service (NHS) was adversely impacted, particularly in England and Scotland. According to the BBC, about 40 NHS organizations in the two countries were struck by the ransomware, with medical procedures, surgeries and appointments canceled.

Screenshots shared by NHS staff of the ransomware revealed extortion demands of $300 in Bitcoin, a digital currency, to regain access to files on each computer.

The infections were traced back to a worm, a self-perpetuating program that spreads between computers by infecting them. While common malware programs rely on phishing schemes to trigger a malicious file, WannaCry actively hunts vulnerable and exploitable machines within an organization’s network once it is triggered.

Experts have pointed to tools released by hacker group ‘The Shadow Brokers’ who publicly dumped stolen NSA tools in April. These tools are believed to be built by the NSA to exploit a weakness in Microsoft computers.

For its part, Microsoft has already released a patch for the vulnerability in March. Windows machines with ‘Windows Update’ enabled will have automatically downloaded in patched the exploit. The software giant has also revealed it would roll out the update to users of outdated operating systems that no longer see any support, including the likes of Windows XP, Windows 8 and Windows Server 2003.

Security firm Avast detected some 75,000 cases of the WannaCry ransomware around the world. A growing number of European countries reported the infections on Friday.

Intriguingly, Russia has reportedly seen more infections than any other single country in the world. Russian domestic banks, the interior and health ministries, Russian state-owned railway operator among others were all victims of the ransomware. In Spain, telecom giants Telefonica and utility provider Gas Natural were among a host of others that were struck, before being forced to turn off their computers to evade the infection.

Other giants, including US logistics firm FedEx and French automobile manufacturer Renault, were also struck.Up to 99 countries were affected.

Microsoft’s advisory and details of the patch can be found here.

Image credit: Pixabay.

About the author

Image of Author

LIFARS is a digital forensics and cybersecurity intelligence firm based in New York City. LIFARS is ranked as one of the top Digital Forensics and Cyber Investigations companies in 2016 and as one of the top cybersecurity companies in the New York metropolitan area for 2015 on the Cybersecurity 500 – a directory of the hottest and most innovative companies to watch in the cybersecurity industry.

Related articles

UK Govt Blames North Korea for WannaCry Ransomware CyberAttack

  The UK government has blamed North Korea for WannaCry - the comprehensive ransomware...

Read more arrow_forward

Researcher who found the Wannacry ‘Kill-Switch’ was arrested by FBI

Researcher who found the ‘Kill-Switch’ for Wannacry Ransomware was arrested by FBI. Marcus...

Read more arrow_forward

TrickBot influenced by WannaCry and Petya, adds a self-spreading Worm Module

Security researchers have discovered that the latest version of Trickbot has been using the Windows...

Read more arrow_forward