Follow CERT-In instructions on WannaCry attack: RBI to banks

The initial attack was stifled when a security researcher disabled a key mechanism used by the worm to spread, but experts said the hackers were likely to mount a second attack because so many users of PCs with Microsoft operating systems couldn't or didn't download a security patch released in March that Microsoft had labeled "critical".

The cyberattack that spread malicious software around the world, shutting down networks at hospitals, banks and government agencies, was thwarted by a young British researcher and an affordable domain registration, with help from another 20-something security engineer in the United States.

He said Europol and other agencies did not yet know who was behind the attack but "normally it is criminally minded and that is our first working theory for obvious reasons".

Europol said a special task force at its European Cybercrime Centre was "specially created to assist in such investigations and will play an important role in supporting the investigation".

The attack held users hostage by freezing their computers, popping up a red screen with the words, "Oops, your files have been encrypted!" and demanding money through online bitcoin payment - $300 at first, rising to $600 before it destroys files hours later.

The perpetrators demand payment within three days or the price will double, and they threaten to delete the files altogether if payment is not received within seven days.

Experts and governments alike warn against ceding to the demands and Wainwright said few victims so far had been paying up.

Europol director Rob Wainwright told United Kingdom station ITV the attack was unique in that the ransomware was used in combination with "a worm functionality" so the infection spread automatically.

Mikko Hypponen, chief research officer at the Helsinki-based cyber security company F-Secure, told foreign media agencies it was the biggest ransomware outbreak in history, saying that 130,000 systems in more than 100 countries had been affected.

Amazon.com, Inc. (AMZN) Shares Bought by Cypress Wealth Advisors LLC
Amazon.com, Inc. (AMZN) have shown a high EPS growth of 29.00% in the last 5 years and has earnings decline of 292.10% yoy. The lowest 12-month price target for the shares is $887.00, which would be decrease of about -8% of its current value.

Even as most banks suggest they are not infected, they are required to upgrade their systems with the latest Windows "patches" as a precautionary measure.

But Mr MacGibbon said the ransomware could be adapted by the criminals and was not willing to say the threat of compromise was over.

"The fact that so many computers remained vulnerable two months after the release of a patch illustrates this aspect", he said in a blog post.

"Once connected, an attacker can try to guess passwords for users on the system, or look for backdoors giving them access", HHS said in an emailed statement.

In the US, "the list of victims is very small", a Department of Homeland Security official tells NPR, noting that it's still relatively early in the WannaCry attack. Companies must take necessary precautions‚ but governments also have a role to play.

Also hit were Deutsche Bahn, the Russian Central Bank, Russian Railways, Russia's Interior Ministry, Megafon and Telefónica. Universities and other schools were among the hardest hit. Newer versions of Windows can be inoculated against WannaCry by running Windows Update and applying all outstanding patches.

In China, "hundreds of thousands" of computers at almost 30,000 institutions and organisations were infected by late Saturday, according to Qihoo 360, one of China's largest providers of antivirus software.

Kaspersky said it was "trying to determine whether it is possible to decrypt data locked in the attack - with the aim of developing a decryption tool as soon as possible".

Related Articles

  • Ransomware attack should be wake-up call for govts

    Fedex said Friday it was "experiencing interference with some of our Windows-based systems caused by malware". Smith also called cyberattack protection a "shared responsibility" between companies and customers.

    More Americans want 'independent' investigation of Trump - Reuters/Ipsos poll

    Trump was angry that Comey would not support his baseless claim that President Barack Obama had his campaign offices wiretapped. President Donald Trump's firing of Comey added a new layer of uncertainty to the agency's corporate criminal investigations.

    Cyber Attack Hit 200000 People in 150 Countries, Says Europol

    However, a hacker could rewrite the code to omit the kill switch and start trying to infect new machines with a new version of it. It comes amid concerns NHS networks were left vulnerable because they were still using outdated Windows XP software.
  • World braces for more cyberattacks as work week begins

    The latest virus attack last week exploits a flaw in a version of Microsoft Windows first identified by USA intelligence. Here's a look at how malware and ransomware work and what people can do if they fall victim to attacks.

    S. Korea's leader willing to visit North, talk to US, China

    President Donald Trump wants to tighten an economic vise around the country and has even raised the possibility of military force. But challenging Washington over THAAD might be hard for Moon.
    'No risk' if LA gets 2024 Games

    'No risk' if LA gets 2024 Games

    Yoga instructor Michael Phillip poses with a Los Angeles 2024 sign outside Staples Center , Friday, May 12, 2017, in Los Angeles . Paris bid committee co-president Tony Estanguet described Sunday's dialogue with the delegation "constructive".
  • Predators' Johansen rips Ryan Kesler after Game 2

    A sign, perhaps, that the latter is getting in the head of the former? And as far as his game, I've already answered that. According to Sportsnet's Elliotte Friedman , both Johansen and Kesler have the same agent, Kurt Overhardt.
    Cisco Systems Stock Higher on Morgan Stanley Upgrade

    Cisco Systems Stock Higher on Morgan Stanley Upgrade

    ILLEGAL ACTIVITY NOTICE: " Cisco Systems, Inc ". 02/16/2017 - Cisco Systems, Inc . had its " rating reiterated by analysts at UBS. The current share price indicate that stock is -18.47% away from its one year high and is moving 87.89% ahead of its 52-week low.
    Trump must turn over any tapes, lawmakers agree

    Trump must turn over any tapes, lawmakers agree

    He said he is privately urging Republicans to voice their concerns publicly because "this is an issue of country, not party". The interview on Fox comes after a week of intense scrutiny of Trump following his unexpected dismissal of Comey.
  • Hamilton takes the win at 2017 Spanish Grand Prix

    The German pulled out a lead, with Mercedes electing to fit the slower medium compound tyres to Hamilton's auto at his first stop. For the previous three seasons, Hamilton was locked in an all-Mercedes fight for the Drivers' Championships with Nico Rosberg.
    West Brom to investigate crowd trouble at Chelsea game

    West Brom to investigate crowd trouble at Chelsea game

    Conte has overseen a remarkable turnaround at Stamford Bridge this season, having taken over a side that had relinquished its Premier League title in disastrous fashion in 2015/16.

    With Merkel and PM, France's new president wastes no time

    Last week, the new party announced "a list of 428 candidates for June's elections, half of whom were women", the broadcaster says. Philippe, the mayor of the Normandy port of Le Havre , is a trained lawyer and an author of political thrillers.