A massive cyber-attack using tools believed to have been stolen from the US National Security Agency (NSA) has struck organizations around the world .
A massive global cyberattack – likely caused by the spread of malware developed by the US National Security Agency as part of its cyberwarfare arsenal – hit computers around the world on Friday and rendered them inoperable. The malicious ransomware attacked computers in 99 countries and locked down their files while demanding that system administrators pay a fee of between $300 and $600 within six hours in exchange for regained access.
The malware, known as "WannaCry" or "WanaCrypt," rapidly infected computers of organizations internationally such as the National Health Service in the UK, the Spanish telecom firm Telefonica and the US-based delivery service FedEx.
Some news outlets reported that the bulk of the cyberattack on Friday took place in Russia, Ukraine, and Taiwan. It was also reported that the malware disrupted the functioning of banks, transportation systems and other mission-critical operations around the world.
According to cybersecurity experts, the malware is targeting computers running Microsoft Windows. When downloading or clicking on an infected file or application, the malware exploits a security flaw in the operating system and proceeds to encrypt the files of the target system and then demands a payment in bitcoin (electronic currency) by a specified date in exchange for restoring access.
The ransomware is also a "worm," which means that it is engineered for self-replication as far and wide as possible and aimed at being transferred to all computers connected with the host system.
Although Microsoft released a patch to fix the OS security vulnerability in March 2017, many users had not updated their systems in time and remained vulnerable to the ransomware. Meanwhile, those users that paid the demanded ransom are reporting that – rather than having file access restored – the malware demands a greater sum of money and threatens to delete all files on the system.
The outbreak of the viral ransomware is connected to the public release in April by the hacking group calling itself Shadow Brokers of a trove of NSA and CIA cyberwarfare documents and computer code. The group published what it described as documents stolen from an NSA server housing the complete arsenal of US cyberwarfare weapons that had been left poorly protected.
No comments:
Post a Comment