Sunday, the 14th of May 2017 was a busy one for the technical staff as they spent it in patching and restoring infected computer systems, while the fear of a renewed “ransomeware threat” paralysing “car factories, hospitals, shops and schools” once again when the systems are logged onto on Monday, the 15th of May 2017, still lurks in the mind.
According to the experts of cyber-security, the virus “dubbed WannaCry – ‘ransomware’”, attacked over “100,000 computers”. Although, its spreading patterns seem to have slowed down, the experts warn that “the respite might only be brief”, as the authorities of cyber-security could not fathom the extent of “Friday's attack”, they speculate that new versions of the virus could be released soon.
PwC’s cyber-security partner, Marin Ivezic, informed that in attempt to reinstate systems, repair patches, install updates and recover backups, some of them have been busy “working around the clock since the story broke”. As per Reuters’ report:
“Microsoft released patches last month and on Friday to fix a vulnerability that allowed the worm to spread across networks, a rare and powerful feature that caused infections to surge on Friday”.
The bug is known as the “Eternal Blue”, while the Shadow Brokers’ hacking team had released the code for “exploiting that bug”, sometimes in the month of March 2017, whereby the group claimed that they stole the bug from “a repository of National Security Agency hacking tools”. However, the latter remained quiet on any request for comments.
Ivezic, based out of Hong-Kong, added that the ransomware forced more affected “mature” customers to quit their “usual” testing programme as caution, whereby prompting into “unscheduled downtime and urgent patching” resulting in “some inconvenience”. Nevertheless, he did not specify the affected clients’ names.
In fact, the agency of the “European Union police” stated that as on Sunday, the “cyber assault” had reached a number of “200,000 victims” spread across hundred fifty different countries. However, the number is likely to get bigger as people resume their office work on Monday. The Director of Europol, Rob Wainwright, said:
“The global reach is unprecedented ... and those victims, many of those will be businesses, including large corporations”.
“At the moment, we are in the face of an escalating threat. The numbers are going up, I am worried about how the numbers will continue to grow when people go to work and turn (on) their machines on Monday morning.”
A “security researcher”, based out of Singapore, Christian Karam, stated on Sunday, the 14th of May 2017:
“Expect to hear a lot more about this tomorrow morning when users are back in their offices and might fall for phishing emails”.
While, other ways of attacks remains as yet “unconfirmed”.
Among the affect victims are Renault, Nissan, “Deutsche Bahn”, FedEx Corp, Telefonica, Singapore based MediaOnline, Symantec, several clinics and hospitals under the “British National Health”, some of Asian universities, schools and hospitals, hospital in Jakarta,
The cyber security experts across the private and government sectors agree that the hackers could “tweak the malicious code used in Friday's attack, restoring the ability to self-replicate”, as in the words of FireEye’s Chief Technology Officer of Asia Pacific, Bryce Boland, added:
“This particular attack was relatively easy to shut down”.
Moreover, Reuters also added that:
“The U.S. government on Saturday issued a technical alert with advice on how to protect against the attacks, asking victims to report any to the Federal Bureau of Investigation or Department of Homeland Security”.
References:
http://www.reuters.com
According to the experts of cyber-security, the virus “dubbed WannaCry – ‘ransomware’”, attacked over “100,000 computers”. Although, its spreading patterns seem to have slowed down, the experts warn that “the respite might only be brief”, as the authorities of cyber-security could not fathom the extent of “Friday's attack”, they speculate that new versions of the virus could be released soon.
PwC’s cyber-security partner, Marin Ivezic, informed that in attempt to reinstate systems, repair patches, install updates and recover backups, some of them have been busy “working around the clock since the story broke”. As per Reuters’ report:
“Microsoft released patches last month and on Friday to fix a vulnerability that allowed the worm to spread across networks, a rare and powerful feature that caused infections to surge on Friday”.
The bug is known as the “Eternal Blue”, while the Shadow Brokers’ hacking team had released the code for “exploiting that bug”, sometimes in the month of March 2017, whereby the group claimed that they stole the bug from “a repository of National Security Agency hacking tools”. However, the latter remained quiet on any request for comments.
Ivezic, based out of Hong-Kong, added that the ransomware forced more affected “mature” customers to quit their “usual” testing programme as caution, whereby prompting into “unscheduled downtime and urgent patching” resulting in “some inconvenience”. Nevertheless, he did not specify the affected clients’ names.
In fact, the agency of the “European Union police” stated that as on Sunday, the “cyber assault” had reached a number of “200,000 victims” spread across hundred fifty different countries. However, the number is likely to get bigger as people resume their office work on Monday. The Director of Europol, Rob Wainwright, said:
“The global reach is unprecedented ... and those victims, many of those will be businesses, including large corporations”.
“At the moment, we are in the face of an escalating threat. The numbers are going up, I am worried about how the numbers will continue to grow when people go to work and turn (on) their machines on Monday morning.”
A “security researcher”, based out of Singapore, Christian Karam, stated on Sunday, the 14th of May 2017:
“Expect to hear a lot more about this tomorrow morning when users are back in their offices and might fall for phishing emails”.
While, other ways of attacks remains as yet “unconfirmed”.
Among the affect victims are Renault, Nissan, “Deutsche Bahn”, FedEx Corp, Telefonica, Singapore based MediaOnline, Symantec, several clinics and hospitals under the “British National Health”, some of Asian universities, schools and hospitals, hospital in Jakarta,
The cyber security experts across the private and government sectors agree that the hackers could “tweak the malicious code used in Friday's attack, restoring the ability to self-replicate”, as in the words of FireEye’s Chief Technology Officer of Asia Pacific, Bryce Boland, added:
“This particular attack was relatively easy to shut down”.
Moreover, Reuters also added that:
“The U.S. government on Saturday issued a technical alert with advice on how to protect against the attacks, asking victims to report any to the Federal Bureau of Investigation or Department of Homeland Security”.
References:
http://www.reuters.com