
Researcher Finds 'Kill Switch' To Stop Spread Of Global Cyber Attack

14 May 2017

This one worked because of a "perfect storm" of conditions, including a known and highly risky security hole in Microsoft Windows, tardy users who didn't apply Microsoft's March software fix, and malware created to spread quickly once inside university, business and government networks.

A malware tracking map showed "WannaCry" infections popping up around the world. "It's stressful enough for someone going through recovery or treatment for cancer".

Hospitals in areas across Britain found themselves without access to their computers or phone systems. Renault's futuristic assembly line in Slovenia, where rows of robots weld auto bodies together, was stopped cold. Two big telecom companies, Telefónica of Spain and Megafon of the Russian Federation, were also hit.

British Home Secretary Amber Rudd said Saturday that 45 public health organizations were hit, but she stressed that no patient data had been stolen.

Ransomware attacks are on the rise around the world.

In Russia, the Interior Ministry said around 1,000 computers were hit by a cyber attack.

These hackers "have caused enormous amounts of disruption - probably the biggest ransomware cyberattack in history", said Graham Cluley, a veteran of the anti-virus industry in Oxford, England. "We advise not paying the ransom because as more and more people do pay it, obviously, it emboldens the attackers that are doing this and it will continue to grow, and grow, and grow, and grow".

A cybersecurity researcher appears to have discovered a "kill switch" that can prevent the spread of the WannaCry ransomware - for now - that has caused the cyberattacks wreaking havoc globally, they told AFP Saturday.

The BBC broadcast a screen-shot of a message apparently sent to the National Health Service medical facilities demanding payments for unlocking computer files that had been "encrypted" by the attack. Hackers demanded victims pay a ransom that started at $300 for access to documents, photos, databases, videos and other files.

Authorities said they were communicating with more than 100 energy, transportation, telecommunications and financial services providers about the attack. "What if the same exact thing happened to a water dam or to a bridge?" he asked.

Global Cyber Attack Hits Hospitals, Companies
The damage and effects are being analysed by the team in coordination with the concerned authorities to recover from the malware.

This is already believed to be the biggest online extortion attack ever recorded, disrupting services in nations as diverse as the U.S., Ukraine, Brazil, Spain and India.

The attack appeared to exploit a vulnerability that was purportedly identified by the U.S. National Security Agency for its own intelligence-gathering purposes and was later leaked to the internet. That low-priced move redirected the attacks to MalwareTech's server, which operates as a "sinkhole" to keep malware from escaping.

"Upon running the sample in my analysis environment I instantly noticed it queried an unregistered domain, which I promptly registered", he said in a blog post about the incident.

The Spanish government said several companies had been targeted in a ransomware cyberattack that affected the Windows operating system of employees' computers.

In the United States, FedEx acknowledged it had been hit by malware and was "implementing remediation steps as quickly as possible".

"The crisis isn't over, they can always change the code and try again", @MalwareTechBlog said. Turn on auto-updaters where available (Microsoft offers that option).

"The key question" to consider is how an attack such as Friday's could originate "from a noncritical system such as email" and then spread to other systems, said Awais Rashid, a professor of software engineering at Lancaster University.

The security holes it exploits were disclosed weeks ago by TheShadowBrokers, a mysterious hacking group.

Windows users who haven't updated their systems since the patch became available remain at risk in this attack.

French carmaker Renault's assembly plant in Slovenia halted production after it was targeted.