Cyber attack hits 200000 in at least 150 countries: Europol

Tuesday, 16 May, 2017

Microsoft released a patch back in March, but many users and organizations had not updated their systems with the the fix.

Avast said the majority of the attacks targeted Russia, Ukraine and Taiwan - though exactly which computers in those areas were targeted remains fuzzy.

Companies worldwide are bracing for even more fallout from the biggest cyberattack ever as their workers head back to the office Monday.

Wainwright said he was anxious that the ransomware attack might spread further once people return to work on Monday and log on to their computers.

Security experts have warned that another attack is imminent, most likely on Monday, and could be unstoppable.

"We're in the face of an escalating threat, the numbers are going up".

Russian Railways: State media said a virus attacked the IT system of Russian Railways, but it did not affect operations due to a prompt response.

It's emerged that the tools used in the attack appear to have been stolen from the US National Security Agency.

But the agency added that some infections may not yet have been detected, and that existing infections can spread within networks.

The "unprecedented" ransomware cyberattack has hit as many as 200,000 victims in over 150 countries, Europe's leading security chief said today and warned of another "imminent attack".

Organizations around the world spent the weekend trying to recover after being hit by a virus that seeks to seize control of computers until victims pay a ransom.

Security experts said the attack appeared to be caused by a self-replicating piece of software that enters companies and organisations when employees click on email attachments, then spreads quickly internally from computer to computer when employees share documents and other files. "Mr. Fallon said the government had already identified cyberattacks as one of the three greatest threats to Britain's security, and had pledged nearly 2 and a half billion dollars to protect IT infrastructure".

Europol's Wainwright underscored the point Sunday.

Jan Op Gen Oorth, spokesman for the Netherlands-based Europol, said the number of individuals who have fallen victim to the cyberextortion attack could be much higher.

The ransomware exploited a security flaw in Microsoft's Windows operating system. But computers and networks that hadn't updated their systems were still at risk. Before Friday's attack, Microsoft had made fixes for older systems, such as 2001's Windows XP, available only to those who paid extra for extended technical support.

Shortly after that disclosure, Microsoft announced that it had already issued software "patches" for those holes. "The numbers are going up, I am anxious about how the numbers will continue to grow when people go to work and turn (on) their machines on Monday morning".

Europol's European Cybercrime Centre, known as EC3, said the attack "is at an unprecedented level and will require a complex global investigation to identify the culprits".

"There are other criminals who've launched this attack, and they are ultimately responsible for this", he said from his home in Oxford, England.

The government recommends reporting ransomware immediately to the Federal Bureau of Investigation or the U.S. Secret Service, and advises against paying ransoms, saying that payment is no guarantee of recovering data, and that it only encourages further attacks.

Britain's National Cyber Security Center said it could have been much worse if not for a young cybersecurity researcher who helped to halt its spread by accidentally activating a skill switch in the malicious software.

Mr Wainwright said that few of the businesses affected had been banks as the sector had grown use to being the target of cyber crime.

Major global companies said they also came under attack. A top Russian mobile operator said Friday it had come under cyberattacks that appeared similar to those that have crippled some United Kingdom ho.

Security officials in Britain urged organizations to protect themselves by installing the security fixes, running antivirus software and backing up data elsewhere.

It's not the first time hackers have used the leaked NSA tools to infect computers.