WannaCry targets Microsoft Corp.'s Windows computers, mostly at businesses and government organizations, and has so far affected everything from hospitals in the U.K.to FedEx Corp.in the U.S.to gas station cards in China.
Many firms have had experts working over the weekend to prevent new infections.
Hackers have since updated the ransomware, this time without the kill switch.
They proposed a plan to improve cyber security that included a replacement of outdated systems "as a matter of urgency", calling its continued use "one of the most pressing issues facing IT infrastructure" in the NHS.
The good news - in addition to Microsoft's prompt patching for older OSs - is that shortly after WannaCry started making trouble on Friday, a security researcher in the United Kingdom known by the moniker MalwareTech stumbled upon a crucial piece of data in the malware's code. In what it said was a "highly unusual" step, Microsoft also agreed to provide the patch for older versions of Windows, including Windows XP and Windows Server 2003. As makers of anti-virus software release updates to block it, hackers deploy new variants to evade detection.
Apart from the NSA leak, there was also a Central Intelligence Agency leak that happened in March this year, reminded Saket Modi, founder of Delhi-based cybersecurity firm Lucideus. But the cyber assault has not hammered the U.S. His firm gets three to four malware attack related requests from companies every week, he said.
It's unknown how many thousands (or hundreds of thousands) of PCs this clever ruse ultimately ended up saving from WannaCry's clutches - but the hard truth is that other strains of the malware have since been detected by other security researchers, and these newer versions can't be fooled by the same trick. The security flaw that hackers used to launch the attacks on Friday was made public after information was stolen from the NSA, which routinely searches for flaws in software and builds tools to exploit them, the report said. "And this most recent attack represents a completely unintended but disconcerting link between the two most serious forms of cybersecurity threats in the world today - nation-state action and organized criminal action".
Not many teams better than Spurs, says Kane
Spurs edged out Manchester United 2-1 in the last ever game at White Hart Lane on Sunday to clinch second spot in the league behind champions Chelsea.
Smith's blog post did not address another factor in the ransomware's spread, one that hints at the difficulty of uniting against a hacking attack: Users of pirated Microsoft software are unable to download the security patch, forcing them to fend for themselves or rely on a third-party source for a solution. Lindsey Graham says selecting an Federal Bureau of Investigation agent to lead the agency would allow the nation to "reset". So the malware is being actively monitored and maintained.
He said it was too early to say who is behind the onslaught and what their motivation was.
"WannaCry", as the ransomware is known, uses a Windows vulnerability originally identified by the NSA, according to security experts. "The rapid and quick-moving malware underground ensures that anti-malware vendors are always playing catchup".
The attack that began Friday is believed to be the biggest online extortion attack ever recorded, with victims including Britain's hospital network and Germany's national railway. "In short, it has a lot of computers and at least some of them weren't able to withstand an attack like this". All the security experts we spoke to agreed with Troy Hunt's tips, which include patching and having a robust backup strategy. The central bank reportedly said those monitoring the cyberattacks found "no incidents compromising data resources of banking institutions". In this sense, the WannaCrypt attack is a wake-up call for all of us. How to not become a victim of social engineering.
"The implementation of the encryption was pretty rock solid", said Symantec's Thakur.
Disclosure: FactorDaily is owned by SourceCode Media, which counts Accel Partners, Blume Ventures and Vijay Shekhar Sharma among its investors. None of FactorDaily's investors have any influence on its reporting about India's technology and startup ecosystem.
- Global ransomware attack puts Winnipeg systems on alert
- France: l'annonce du gouvernement reportée à mercredi (Élysée)
- Derby champ Always Dreaming heads to Preakness early
- Bourne surgery turns patients away as a result of cyber attack
- Pulis concedes West Brom must find 'that little bit of quality'
- US Justice Chief Sessions to Quiz Four Candidates to Lead FBI
- After Ransomware Attack, Wary Banks Shut Down Some ATMs
- Tornadoes Cause Destruction in Wisconsin and Oklahoma
- TMC wins 4 out of 7 civic bodies in West Bengal
- Sen. John Cornyn removes self from consideration for FBI director role