Log in, look out: cyberattack havoc could grow at week's start

Updated 2017-05-15 11:30:21 chinadaily.com.cn

An unprecedented "ransomware" cyberattack that has already hit tens of thousands of victims in 150 countries could wreak greater havoc as more malicious variations appear and people return to their desks Monday and power up computers at the start of the workweek.

Officials and experts on Sunday urged organizations and companies to update their operating systems immediately to ensure they aren't vulnerable to a second, more powerful version of the software — or to future versions that can't be stopped.

The cyberattack paralyzed computers that run Britain's hospital network, Germany's national railway and scores of other companies and government agencies worldwide.

Chinese media reported Sunday that students at several universities were hit, blocking access to their thesis papers and dissertation presentations.

The attack, already believed to be the biggest online extortion scheme ever recorded, is an "escalating threat" after hitting 200,000 victims across the world since Friday, according to Rob Wainwright, the head of Europol, Europe's policing agency.

"The numbers are still going up," Wainwright said. "We've seen that the slowdown of the infection rate over Friday night, after a temporary fix around it, has now been overcome by a second variation the criminals have released."

Researchers discovered at least two variants of the rapidly replicating worm Sunday and one did not include the so-called kill switch that allowed them to interrupt its spread Friday by diverting it to a dead end on the internet.

Ryan Kalember, senior vice-president at Proofpoint Inc, said the version with no kill switch was able to spread but it contained a flaw that wouldn't allow it to take over a computer and demand ransom to unlock files. However, he said it's only a matter of time before such a version exists.

"I still expect another to pop up and be fully operational," Kalember said. "We haven't fully dodged this bullet at all until we're patched against the vulnerability itself."

The attack held users hostage by freezing their computers, encrypting their data and demanding money through online bitcoin payment — 0 at first, rising to 0 before it destroys files hours later.

The 200,000 victims included more than 100,000 organizations, Europol spokesman Jan Op Gen Oorth told The Associated Press.

He said it was too early to say who was behind the onslaught and what their motivation was, aside from the obvious demand for money. So far, he said, not many people have paid the ransom demanded by the malware.

The effects were felt across the globe, with Britain's National Health Service, Russia's Interior Ministry and companies including Spain's Telefonica, FedEx Corp in the US and French carmaker Renault all reporting disruptions.

Had it not been for a young British cybersecurity researcher's accidental discovery of a so-called "kill switch," the malicious software likely would have spread much farther and faster.

The 22-year-old researcher known as "MalwareTech," who wanted to remain anonymous, said he spotted a hidden web address in the "WannaCry" code and made it official by registering its domain name. That move, which cost just .69, redirected the attacks to the server of Kryptos Logic, the security company where he works. The server operates as a "sinkhole" to collect information about malware — and in Friday's case kept the malware from escaping.

Security officials urged organizations to protect themselves by installing security fixes right away, running antivirus software and backing up data elsewhere.

"Just patch their systems as soon as possible," MalwareTech said. "It won't be too late as long as they're not infected. It should just be a case of making sure installing updates is enabled, installing the updates, and reboot."

The ransomware appeared to exploit a vulnerability in Microsoft Windows that was purportedly identified by the US National Security Agency for its own intelligence-gathering purposes. The NSA tools were stolen by hackers and dumped on the internet.

Also in the News

Nicole Kidman Recalls Oscar Glory: Loneliest Time
Showbiz2016/06/16 13:58August 17 2017 21:38:56

Nicole Kidman Recalls Oscar Glory: Loneliest Time

Attending Shanghai International Film Festival, Nicole Kidman talks about her role in "Grace of Monaco".

Labor Day Travel Peak Starts
Also in the News2014/05/01 12:16August 17 2017 21:38:56

Labor Day Travel Peak Starts

Johnny Depp Delivers a Speech 'Evolve the Future' in 'Transcendence'
Also in the News2014/04/18 13:18August 17 2017 21:38:56

Johnny Depp Delivers a Speech 'Evolve the Future' in 'Transcendence'

Hollywood star Johnny Depp's speech in the upcoming new film "Transcendence" has been disclosed on Friday, April 11th.

Most Watched

News:
China World Business Sports Showbiz Audio
Video:
C4 My Chinese Life The Sound Stage China Revealed Showbiz Video Travel Video
Photos:
China World Fun Travel Entertainment Sports
Travel:
Beijing Shanghai Guangzhou
Lifestyle:
Live Music Opera & Classical Movies Traditional Shows Exhibitions
Learn Chinese:
Chinese Studio Living Chinese Everyday Chinese Just For Fun Chinese Culture Buzzwords