WannaCry 2.0: Get Ready For a New Round of Ransomware Attacks

Cyber-attacks from WannaCry ransomware slow but fears remain

"The 5,500-strong Renault factory in Douai, northern France, one of the most important auto plants in the country, will not open on Monday due to the attack, sources told AFP".

Reports say new variants of WannaCrypt have appeared that do not have this kill switch.

On top of that, the NSA would likely be able to claim that it is shielded from liability under the doctrine of sovereign immunity, which says that the government can not be sued over carrying out its official duties. While governments and corporations scramble to perform damage control, here's what we know about the origins of this cyber attack, who might be to blame and what you can do to protect yourself.

The perpetrators of the attack are still not known.

Chinese state media said 29,372 institutions there had been infected along with hundreds of thousands of devices. So far there doesn't appear to be a way to fix WannaCry.

So should I pay these hackers to make the problem go away?

Companies and governments spent the weekend upgrading software to limit the spread of the virus. The temporary halt in production was a "preventative step", Renault said. PSA Group, Fiat Chrysler, Volkswagen, Daimler, Toyota and Honda said their plants were unaffected.

A Cybercpace Administration of China official said on Monday, that although the virus is still spreading, it has slowed.

The Inquirer reported that in May 2015, the United Kingdom government - whose health services were affected by WannaCry - would not renew its Windows XP support agreement with Microsoft. One month earlier, Microsoft had released a patch targeting the vulnerability. The company's shares were down about 1 percent on Monday, in a slightly higher broad market. Security patches would be available for clients with older machines, but only if they paid for custom support agreements.

Security firm Digital Shadows said on Sunday that transactions totalling US$32,000 had taken place through Bitcoin addresses used by the ransomware.

The company also cited the recent WikiLeaks releases that included leaked code for CIA programs before declaring that government agencies need to start treating cyber weapons like missiles, adding extra protection.

Energy giant PetroChina said payment systems at some petrol stations were hit although it had restored most of the systems.

"Although ransomware on a public sector system isn't even newsworthy, systems being hit simultaneously across the country is (contrary to popular belief, most NHS employees don't open phishing emails which suggested that something to be this widespread it would have to be propagated using another method)", MalwareTech wrote.

On top of that, critics say, the government didn't notify companies like Microsoft about the vulnerabilities quickly enough. No major Indian corporations reported disrupted operations. The VEP was established to determine whether the government should withhold or disclose information about computer software security vulnerabilities.

Russian President Vladimir Putin didn't mince words on the topic on Monday, shifting the blame towards USA hackers and saying his country had "absolutely nothing to do with this".

He said that intelligence agencies tended to be good and responsible stewards of the hacks and exploits they develop.

In Britain, where the virus first raised global alarm when it caused hospitals to divert ambulances on Friday, it gained traction as a political issue just weeks before a general election.

In England, 48 National Health Service (NHS) trusts reported problems at hospitals, doctor surgeries or pharmacies, and 13 NHS organisations in Scotland were also affected.

"This was not a tool developed by the NSA to hold ransom data", homeland security adviser Bossert said at Monday's White House briefing. "The attacks hit hospitals, railroad transport and police".

Britain's NHS is the world's fifth-largest employer after the US and Chinese militaries, Wal-Mart Stores and McDonald's.

The ACLU, meanwhile, urged Congress to pass a law requiring the government to disclose vulnerabilities to companies "in a timely manner", so that they can patch them as soon as possible. But the warning signs couldn't be more clear.

Related:

Comments