Lundi, 16 Juillet 2018
Dernières nouvelles
Principale » Global cyber attack dying down, 104 countries affected

Global cyber attack dying down, 104 countries affected

15 Mai 2017

A man holds a laptop computer as code is projected on him in this illustration made on May 13, 2017.

The ransomware attack that affected numerous computers in over 100 countries forced to shut procedures in hospitals, making it hard for them to function normally.

"We are on a downward slope, the infections are extremely few, because the malware is not able to connect to the registered domain", Vikram Thakur, principal research manager at Symantec, said as the threat subsided.

"But even if 100,000 computers are affected by this attack, it's worth remembering that this is just a tiny fraction - less than 0.0001 percent - of the billion or more computers running Windows in the world today". Ransoms paid so far amount to only tens of thousands of dollars, one analyst said, but he predicted they would rise.

Prior to the dump, Microsoft released a fix, or patch, for the issue, although computers that did not install the update, or could not due to the age of their software, would have been vulnerable to attack. WannaCry exploited a vulnerability to spread itself across networks, a rare and powerful feature that caused infections to surge on Friday. Shadow Brokers said that they obtained it from a secret NSA server.

In April, Shadow Brokers released a piece of National Security Agency (NSA) code known as "Eternal Blue", as part of a trove of hacking tools they said belonged to the U.S. spy agency.

The NSA did not respond to a request for comment.

Over the weekend, the ransomware hit systems in over 150 countries, including Russian Federation and the United Kingdom, in one of the most widespread cyber attacks in history.

In Russia, government agencies insisted that all attacks had been resolved.

In addition to Russian Federation, the biggest targets appeared to be Ukraine and India, nations where it is common to find older, unpatched versions of Windows in use, according to security firms. Authorities in Britain have been braced for cyber attacks in the run-up to the election, as happened during last year's US election and on the eve of the French one. "Many of those will be businesses including large corporations".

Europe's police agency says the attack has hit at least 100,000 organizations in 150 countries.

The Eternal Blue code gives access to all computers using Microsoft Windows, the world's most popular computer operating system.

Trump likely to visit Federal Bureau of Investigation headquarters in coming days - White House
In the normal course of events, we might hope that such a transgression of norms would be met with a filibuster in the Senate. Comey, who was sacked by President Donald Trump on Tuesday, was invited to speak before the committee in a closed session.

Attackers have demanded $300 to $600 to unlock encrypted files.

"With notice to what information technology is now witnessing waves of hacking attacks using ransomware and that have targeted a number of Oman's institutions earlier, the center's team has been working from the very first hours with specialists to solve the problem on some of the affected sites".

That is far below what it is likely to cost companies to recover from such attacks.

Researchers say this type of ransomware will continue.

Renault on Saturday said it had halted manufacturing at plants in Sandouville, France, and Romania to prevent the spread of ransomware in its systems.

Among the other victims is a Nissan manufacturing plant in Sunderland, northeast England, though a spokesman said "there has been no major impact on our business".

After an emergency government meeting Saturday in London, Britain's home secretary said one in five of 248 National Health Service groups had been hit. The British Home Secretary said most of the NHS systems were back to normal by midday Saturday.

In Germany, train operator Deutsche Bahn wrote on Twitter that signboards in stations were affected, though no train operations were affected.

The former US national intelligence director says the global "ransomware" attack could grow much larger when people return to work.

Edward Snowden, the whistleblower who exposed the broad scope of NSA surveillance in 2013, tweeted, "If @NSAGov had privately disclosed the flaw used to attack hospitals when they *found* it, not when they lost it, this may not have happened". Portugal Telecom and Telefonica Argentina both said they were also targeted.

"The NCSC has been working in collaboration with a number of organisations in the cyber security community, including MalwareTech and 2SEC4, to understand and mitigate the current Wannacry ransomware threat".