Manhunt for hackers behind global cyberattack

Share

The warning follows what the NCSC called a "coordinated ransomware attack", now known as "WannaCry" that is estimated to have affected more than 200,000 computers across 150 countries around the world since its initial launch Friday.

The government found no impact among agencies, though companies like Hitachi and Nissan Motor Co. reported problems that had not seriously affected their business operations.

"We will get a decryption tool eventually, but for the moment, it's still a live threat and we're still in disaster recovery mode", Europol director Rob Wainwright told CNN's Becky Anderson on Sunday, adding that the number of cases was still rising.

A company official said films were still being screened as scheduled and the company was investigating.

Brad Smith, Microsoft's president and chief legal officer, said in a blog post Sunday that it was in fact the NSA that developed the code being used in the attack. In lieu of decrypting the data, Wanna Cry demanded payment in bitcoin, a crypto-currency.

The Russian Interior Ministry, which runs the country's police, confirmed it was among those that fell victim to the ransomware, which typically flashes a message demanding a payment to release the user's own data.

But experts and government alike warn against ceding to the hackers' demands.

Experts and officials offered differing estimates of the scope of the attacks, but all agreed it was huge.

The 200,000 victims included more than 100,000 organizations, Europol spokesman Jan Op Gen Oorth told The Associated Press.

More news: North Korea: New long-range missile can carry heavy nuke

Vu Ngoc Son, deputy head of the anti-malware department of Bkav Corporation, the largest internet security firm in Viet Nam, said that the WannaCry ransomware's behaviour is "not new", but he believes that the use of this ransomware will not really ease up as "it can directly earn large profits for hackers". "Microsoft worked throughout the day to ensure we understood the attack and were taking all possible actions to protect our customers".

Experts urged organizations and companies to immediately update older Microsoft operating systems, such as Windows XP, with a patch released by Microsoft Corp.to limit vulnerability to a more powerful version of the malware - or to future versions that can't be stopped.

Railway stations, mail delivery, gas stations, hospitals, office buildings, shopping malls and government services also were affected, China's Xinhua News Agency said, citing the Threat Intelligence Center of Qihoo 360, an internet security services company.

French carmaker Renault's assembly plant in Slovenia halted production after it was targeted in the global cyberattack.

The ransomware attack struck British National Health Service organisations, along with computer networks of companies and municipalities in dozens of other countries. Wannacry encrypts the files on infected Windows systems.

The organization predicts that the problem could be "at a significant scale" because some infected machines haven't yet been detected, and existing infections can spread within networks.

The cyber sleuths agency advised users to apply patches to their Windows systems in order to prevent its infection and spread.

A global tracker of the malware built by United Kingdom researcher MalwareTech - who stopped the ransomware from spreading further over the weekend simply by buying a domain - indicates the rate of infection in Australia could be much higher than the confirmed eight reports.

The researcher, tweeting as @MalwareTechBlog, said registering a domain name used by the malware stops it from spreading, though it can not help computers already affected.

Share