Ransomware attack should be wake-up call for govts

Tuesday, 16 May, 2017

Wainwright described the cyberattack as an "escalating threat".

Symantec said the majority of organisations affected were in Europe.

The virus exploits a vulnerability in Microsoft Windows software, first identified by the US National Security Agency, experts have said.

By drawing attention to the shortcomings of legacy computer systems, WannaCry could indirectly drive more demand to companies such as Google and Microsoft that have built massive cloud computing businesses, said Stewart Baker, a former general counsel at the National Security Agency.

The attack over the weekend affected 200,000 computers across 150 counties.

However, it seems that many NHS trusts had not applied it or were using an older version of the operating system which is no longer supported - Windows XP.

Sir Michael said: "That is a ten-year programme and part of the cost of that programme has to come from efficiency savings, getting rid for example of land and barracks and buildings that we don't need, being more efficient in the way that we work".

The malware has prevented computers from being used all over the world in companies and government departments, with the NHS particularly badly hit.

Two security firms - Kaspersky Lab and Avast - said they had identified the malicious software behind the attack in over 70 countries, although both said the attack had hit Russian Federation the hardest.

French carmaker Renault's assembly plant in Slovenia halted production after it was targeted in the global cyberattack.

The attack that began Friday is believed to be the biggest online extortion attack ever recorded, disrupting computers that run factories, banks, government agencies and transport systems. Deutsche Bahn said it deployed extra staff to busy stations to provide customer information, and recommended that passengers check its website or app for information on their connections. Universities in Greece and Italy also were hit.

The most disruptive cyber attack in the history of Britain's National Health Service propelled a debate over state hospital funding to the center of the election campaign on Monday, though officials said there had been no second wave of infections.

Chinese media are reporting that the global "ransomware" virus attacked many university networks in China.

Kaspersky said it was "trying to determine whether it is possible to decrypt data locked in the attack - with the aim of developing a decryption tool as soon as possible".

Infected computers appear to largely be out-of-date devices that organizations deemed not worth the price of upgrading or, in some cases, machines involved in manufacturing or hospital functions that proved too hard to patch without possibly disrupting crucial operations, security experts said. "You're only safe if you patch ASAP", wrote the researcher on Twitter. "Now I should probably sleep".

Code for exploiting that bug, which is known as "Eternal Blue", was released on the internet last month by a hacking group known as the Shadow Brokers.

"Unlike most other attacks, this malware is spreading primarily by direct infection from machine to machine on local networks, rather than purely by email", said Lance Cottrell, chief scientist at the United States technology group Ntrepid.

Wainwright warned the healthcare sector "in many countries" was particularly vulnerable, but that all organizations should ensure they prioritise cyber security and update their systems.

Britain's official emergency committee, known as Cobra, met in London on Saturday afternoon to discuss the cyber-attack that has caused widespread disruption to the country's National Health Service (NHS).

Asked if the government had ignored warnings over the NHS being at risk from cyber attack, May told Sky News: "No".