Home
News
In Focus
Business
Metro
Nation
World
Sports
Feature
Opinion
View more »Opinion Columns
Wan LixinOpinion deputy editor of Shanghai Daily
Restaurants get off to a quick start thanks to game-changing policies
High service charges on event ticket refunds call for further regulation
Sunday
- Subscribe
Global cyber attack hits systems in 150 countries
Print Edition
AN unprecedented global “ransomware” attack has hit at least 100,000 organizations in 150 countries, Europe’s police agency said yesterday. More damage may be seen today as people return to work and switch on their computers.
The attack that began on Friday is believed to be the biggest online extortion attack yet recorded, spreading chaos by locking computers that run Britain’s hospital network, Germany’s national railway and scores of other companies, factories and government agencies worldwide.
“It was essentially an indiscriminate attack across the world,” Europol director Rob Wainwright said. “It’s a massive reminder to sectors right across the world that cyber security should be a topline strategic priority.”
Jan Op Gen Oorth, spokesman for the Netherlands-based Europol, said the number of individuals who have fallen victim to the cyber extortion attack could be much higher.
He said it was too early to say who was behind the onslaught and what their motivation was. The main challenge for investigators was the fast-spreading capabilities of the malware. So far not many people had paid the ransoms the virus demands, he said.
The attack held hospitals and other entities hostage by freezing their computers, encrypting their data and demanding money through online bitcoin payment — US$300 at first, rising to US$600 before it destroys files hours later.
The effects were felt across the globe, with Russia’s Interior Ministry and companies including Spain’s Telefonica, FedEx in the US and French carmaker Renault all reporting disruptions.
Chinese media reported yesterday that students at several universities were hit by the virus, which blocked access to their thesis papers and their dissertation presentations.
Had it not been for a young cyber security researcher’s accidental discovery of a so-called “kill switch,” the malicious software would likely have spread much farther and faster.
Experts say such widespread attacks are tough to pull off.
This one worked because of a “perfect storm” of conditions, including a known and highly dangerous security hole in Microsoft Windows, users who didn’t apply Microsoft’s March software fix, and malware designed to spread quickly once inside university, business and government networks. What’s worse, those responsible were able to borrow a weaponized “exploit,” apparently created by the US National Security Agency, to launch the attack in the first place.
Darien Huss, a 28-year-old research engineer who helped stop the malware’s spread, said he was “still worried for what’s to come in the next few days, because it really would not be so difficult for the actors behind this to re-release their code without a kill switch or with a better kill switch.
“Or we could potentially see copycats mimic the delivery or exploit method they used,” he said.
Now that the “WannaCry” malware is out there, computer systems are vulnerable unless people everywhere move quickly to install Microsoft’s security patches.
The worldwide effort to extort cash prompted Microsoft to quickly change its policy, announcing free security patches to fix the vulnerability in older Windows systems still in use.
Security officials in Britain urged organizations to protect themselves by installing the security fixes, running antivirus software and backing up data elsewhere. Experts say this vulnerability has been understood among experts for months, yet too many groups failed to take it seriously.
The ransomware exploited a vulnerability that has been patched in updates of recent versions of Windows since March.
Britain’s National Cyber Security Center said it could have been much worse if not for a 22-year-old Britain-based cyber security researcher.
The researcher, identified online as MalwareTech, said he spotted a hidden web address in the “WannaCry” code and made it official by registering its domain name. That inexpensive move redirected the attacks to the server of Kryptos Logic, the security company he works for. The server operates as a “sinkhole” to collect information about malware — and in Friday’s case kept the malware from escaping.
The Windows vulnerability in question was purportedly identified by the NSA for its own intelligence-gathering purposes. Intelligence officials wouldn’t comment on the authenticity of the claims. The tools appeared stolen by hackers, who dumped them on the Internet.
- About Us
- |
- Terms of Use
- |
-
RSS - |
- Privacy Policy
- |
- Contact Us
- |
- Shanghai Call Center: 962288
- |
- Tip-off hotline: 52920043
- 沪ICP证:沪ICP备05050403号-1
- |
- 互联网新闻信息服务许可证:31120180004
- |
- 网络视听许可证:0909346
- |
- 广播电视节目制作许可证:沪字第354号
- |
- 增值电信业务经营许可证:沪B2-20120012
Copyright © 1999- Shanghai Daily. All rights reserved.Preferably viewed with Internet Explorer 8 or newer browsers.
