Computers in more than 150 countries, including some in Australia, have been hit by what experts are calling an unprecedented mass cyber attack using ransomware.
Computers in more than 150 countries, including some in Australia, have been hit by what experts are calling an unprecedented mass cyber attack using ransomware.
The WannaCry lockdown screen. If you see this it is already too late. Photo:Yahoo
Experts were scrambling to determine who was behind the cyber attack, which exploited a security flaw in older versions of Microsoft’s Windows operating software.
The exploit attacked computers across the globe on Friday using a security flaw in Microsoft’s Windows XP operating system, an older version that was no longer given mainstream tech support by the US giant.
The so-called WannaCry ransomware locks access to user files and demands money – in the form of the virtual currency Bitcoin – in order to decrypt them.
Photo:techcrunch
As the world readies to open for business on Monday, companies and governments are bracing for a second round of cyber attack in the aftermath of Friday’s WannaCry hack.
Indeed, security experts are already warning that a new version of WannaCry has emerged over the weekend that doesn’t have the kill switch protocol that stopped the initial version of the cyber attack late on Friday.
By the end of the workday on Friday, when the initial version of the WannaCry hack was detected, hundreds of thousands of computers were affected.
Photo:techcrunch
Now, you’re likely aware that the original malware attack originated from leaked code developed by the US National Security Administration. The attack worked by exploiting a flaw in Microsoft Windows. Although Microsoft had provided a patch for the software several months ago, not everyone updated their systems, which led to the vulnerabilities that the still-anonymous hackers exploited.
According to this Symantec explainer, the ransomware encrypts data files and asks users to pay a bitcoin ransom of $300, which doubles if payment isn’t made after three days. After a week, the encrypted files will be deleted.
Photo:Yahoo
Companies affected by the attacks included the Spanish telecommunications company, Telefonica, Gas Natural and electricity provider Iberdrola. National Health Services hospitals in the UK were also affected by the attack. As was FedEx in the U.S. and Renault in France.
The attacks also hit Germany’s rail system, Russia’s Interior Ministry and universities around China, according to reports in The New York Times.
Microsoft took the unusual step of reissuing security patches first made available in March for Windows XP and other older versions of its operating system.
Researchers at the Moscow-based computer security firm Kaspersky Lab said it was seeking to develop a decryption tool “as soon as possible”.
But what we can do now?
Four simple steps to guard against malware
Step 1: CHECK that ports “139” and “445” are disabled for public access in your Wi-fi router and internet firewall, as both could leave a hard disk exposed to hackers.
Step 2: DISCONNECT your computer from the internet or local area network (LAN). If using a wireless internet connection, switch off your router.
Step 3: BACK UP all important files onto an external storage device then physically disconnect it from your computer.
Step 4: UPDATE your Windows operating system with the latest security patch; the most recent from Microsoft is the “MS17-010” patch, which was released in March.
