A global cyber attack, exploiting the hacking tools engineered possibly by the US spy agency, has infected as much as 57,000 computers in nearly a hundred countries since this Friday.
The hack attack progressed as the hackers fooled the computer users into opening a malicious email. Once opened, the virus, called WanaCrypt0r, then encrypted all the data on the computer and asked amounts ranging from $300-$600 in bitcoins for decryption. The security researchers associated with leading security companies have mentioned that Russia, Ukraine and Taiwan were the top targets among the total 99 countries hit.
Hospitals from Britain, FedEx and Spain’s telecom company, Telefonica were among the organizations that were hit by the attack. The Britain’s health service department, National Health Service, was hit hard with sixteen NHS subsidiary organizations directly affected. “A number of NHS organizations have reported that they have suffered from a ransomware attack”, told UK Prime Minister Theresa May. The other targets include the Russian Interior Ministries and Sberbank, the largest Russian bank. Lesser number of attacks were, however, reported in US because when the virus was directed to US, the email spam filters already started to filter these emails.
Hackers took advantage of a vulnerability that existed in Microsoft Windows. The vulnerability has already been patched by Microsoft a couple of months back, and the ones who haven’t yet installed the update have come under the attack. Microsoft said that it was now pushing automatic Windows updates to protect the users who haven’t already installed the patch. It said, “Today our engineers added detection and protection against new malicious software known as Ransom:Win32.WannaCrypt.”
The attack was made self-spreading so it quickly replicated itself into tens of thousands of computers quickly. Eternal Blue, the code responsible for the hacking was released by Shadow Brokers. Shadow Brokers is group known for notoriously releasing hacking tools of National Security Agency (NSA) of USA. As of yet, no hacker group has come forward to claim the responsibility.
Image — The Washington Post, Source — Reuters and others