24 Hours Later: “Unprecedented” Fallout From “Biggest Ransomware Attack In History”
by Tyler Durden
ZeroHedge.com
May 13, 2017
24 hours after it first emerged, it has been called the first global, coordinated ransomware attack using hacking tools developed by the NSA, crippling over a dozen hospitals across the UK, mass transit around Europe, car factories in France and the UK, universities in China, corporations in the US, banks in Russia and countless other mission-critical businesses and infrastructure.
According to experts, “this could be one of the worst-ever recorded attacks of its kind.” The security researcher who tweets and blogs as MalwareTech told The Intercept, “I’ve never seen anything like this with ransomware,” and “the last worm of this degree I can remember is Conficker.” Conficker was a notorious Windows worm first spotted in 2008; it went on to infect over 9 million computers in nearly 200 countries.
The fallout, according to cyber-specialists, has been “unprecedented”: it has left unprepared governments, companies and security experts from China to the United Kingdom on Saturday reeling, and racing to contain the damage from the audacious cyberattack that spread quickly across the globe, raising fears that people would not be able to meet ransom demands before their data are destroyed.
As reported yesterday, the global efforts come less than a day after malicious software, transmitted via email and stolen from the National Security Agency, exposed vulnerabilities in computer systems in almost 100 countries in one of the largest “ransomware” attacks on record. The cyberattackers took over the computers, encrypted the information on them and then demanded payment of $300 or more from users in the form of bitcoin to unlock the devices.
The ransomware was subsequently identified as a new variant of “WannaCry” that had the ability to automatically spread across large networks by exploiting a known bug in Microsoft’s Windows operating system.
The hackers, who have not come forward to claim responsibility or otherwise been identified, likely made it a “worm”, or self spreading malware, by exploiting a piece of NSA code known as “Eternal Blue” that was released last month by a group known as the Shadow Brokers (see “Hacker Group Releases Password To NSA’s “Top Secret Arsenal” In Protest Of Trump Betrayal”) , researchers with several private cyber security firms said.
“This is one of the largest global ransomware attacks the cyber community has ever seen,” said Rich Barger, director of threat research with Splunk. The extremely well coordinated attack first emerged in the United Kingdom around noon on Friday and spread like wildefire around the globe. According to the Times “it has set off fears that the effects of the continuing threat will be felt for months, if not years” and raised questions about the intentions of the hackers: Did they carry out the attack for mere financial gain or for other unknown reasons?
The Rest…HERE
