Written by Alexa Erickson
In recent hacker news, a group exploiting malicious software stolen from the National Security Agency executed damaging cyberattacks on Friday, resulting in a worldwide frenzy that froze computers at Russia’s Interior Ministry, forced Britain’s public health system to send patients away, and caused tens of thousands of computers elsewhere to malfunction.
With over 50,000 computer having been targeted, the ransomware virus infected computer files and then demanded money to unblock them.
According to Kaspersky Lab, a Russian cybersecurity firm, Russia was the worst-hit, followed by Ukraine, India, and Taiwan. Reports of attacks also came from Latin America and Africa. The attacks, believed to be the largest ransomware assault on record to date, was described by security experts as a perfect storm.
The attack began with a simple phishing email, much like the one Russian hackers used in the attacks on the Democratic National Committee and other targets last year. They then used a hacking method the NSA is believed to have developed as a cyberweapon to spread through victim’s systems. Finally, they encrypted the computer systems of the victims, which ultimately locked them out of important data.
The ransomware, called WanaCrypt0r 2.0, infected National Health Service (NHS) hospitals in the UK, as well as Spain’s biggest national telecommunications firm, Telefonica. More than 70 countries were affected.
The hacking tool was leaked by a group called the Shadow Brokers, which has claimed distribution of the stolen NSA hacking tools online since last year.
It may take months to discover who was behind the attacks, if they are found at all. Nonetheless, cybersecurity experts around the world remain alarmed, recognizing how vulnerable to internet invasions our important global systems truly are.
“When people ask what keeps you up at night, it’s this,” noted Chris Camacho, the chief strategy officer at Flashpoint, a New York security firm tracking the attacks. He went on to emphasize his concern regarding how the attacks spread like wildfire through corporate, hospital, and government networks.
And Rohyt Belani, another security expert and the chief executive of PhishMe, an email security company, called the wormlike characteristics of the malware a standout shift from prior ransom attacks. “This is almost like the atom bomb of ransomware,” Mr. Belani said. He warned that the attack “may be a sign of things to come.”
Originally posted @ Collective Evolution