Ransomware Threat: Govt Activates Mechanism to Prevent Cyber Attack

"We will continue to work with affected (organizations) to confirm this", the agency said.

The "kill" function halted WanaCryptor's ability to copy itself rapidly to all terminals in an infected system - hastening its crippling effect on a large network - once it was in contact with a secret internet address, or URL, consisting of a lengthy alphanumeric string.

In Spain, major companies including telecommunications firm Telefonica have been infected.

"When any technique is shown to be effective, there are nearly always copycats", said Steve Grobman, chief technology officer of McAfee, a security company in Santa Clara, Calif.

A screenshot of the warning screen from a purported ransomware attack, as captured by a computer user in Taiwan, is seen on laptop in Beijing, Saturday. Dozens of countries were hit with a huge cyberextortion.

Officials urged companies and organizations to update their Microsoft operating systems immediately to ensure networks aren't still vulnerable to more powerful variants of the malware known as WannaCry or WannaCrypt.

The virus exploits a flaw in a version of Microsoft Windows first identified by U.S. intelligence.

But security minister Ben Wallace said the Government had put £1.2 billion into combating cyber attacks during the last strategic defence and security review, including a £50 million pot to support NHS IT networks.

WannaCry (aka WannaCryptor and Wana Decrypt0r) is a form of ransomware being spread through an exploit called ETERNALBLUE that infects Windows computer systems via a vulnerability in the SMBv1 protocol (MS17-010, a vulnerability in Server Message Block).

It's only a matter of time before people get messages on their vehicle screens saying that the engine has been disabled and it will cost US$200 in bitcoin to turn it back on.

"I still expect another to pop up and be fully operational", Kalember said. After all, the vulnerability that led to the disaster was patched back in March. The virus encrypts data on infected computers then asks users to pay a "ransom" in order to receive a code that unencrypts the data.

The initial attack had started after many offices had closed Friday.

In a post today, UK-based security researcher MalwareTech described how he checked a cyber threat sharing platform after returning home from lunch to discover that National Health Service systems across Britain were being hit by a cyberattack.

Chinese media reported Sunday that students at several universities were hit, blocking access to their thesis papers and dissertation presentations.

The attack, known as "WannaCry" had a major impact across Asia as workers there returned to work on Monday, with Chinese state media saying nearly 30,000 institutions there had been infected. By going online, they will open more avenues to spread the malicious software. But the patch will work only if the systems are updated.

It was too early to say who was behind the onslaught, which struck 100,000 organizations, and what their motivation was, aside from the obvious demand for money. The price is created to be cheap enough for people to pay instead of giving up: a few hundred dollars in many cases. The ransomware appeared to have hit some 100,000 systems, more than half in Russian Federation, according to a tweet yesterday by malware researcher Jakub Kroustek.

According to a daily, Microsoft has issued a statement saying that it has developed and released a special update for Windows XP although this particular version of its operating system is no longer serviced by the company. The security flaw that hackers used to launch the attacks Friday was made public after information was stolen from the U.S. National Security Agency, which routinely searches for flaws in software and builds tools to exploit them.

"Whenever there is a new patch, there is a risk in applying the patch and a risk in not applying the patch", Grobman said. "But there are so many things to patch. You're only safe if you patch ASAP".



Other news