May 12, 2017
A massive ransomware campaign appears to have attacked a number of organizations around the world.
Digital world map: Attacks have been reported at organizations around the world – Getty Images
Screenshots of a well known program that locks computers and demands a payment in Bitcoin have been shared online by parties claiming to be affected.
May 12, 2017
A massive ransomware campaign appears to have attacked a number of organizations around the world.
Digital world map: Attacks have been reported at organizations around the world – Getty Images
Screenshots of a well known program that locks computers and demands a payment in Bitcoin have been shared online by parties claiming to be affected.
There have been reports of infections in the UK, USA, China, Russia, Spain, Italy, Vietnam, Taiwan and others.
It is not yet clear whether the attacks are all connected.
One cyber-security researcher tweeted that he had detected 36,000 instances of the ransomware, called WannaCry and variants of that name.
"This is huge," he said.
The UK's National Health Service (NHS) was also hit by a ransomware attack and screenshots of the WannaCry program were shared by NHS staff.
It is not yet clear if the attacks are connected.
A number of Spanish firms were among the apparent victims elsewhere in Europe.
Telecoms giant Telefonica said in a statement that it was aware of a "cybersecurity incident" but that clients and services had not been affected.
Power firm Iberdrola and utility provider Gas Natural were also reported to have suffered from the outbreak.
There were reports that staff at the firms were told to turn off their computers.
Screenshots of WannaCry with text in Spanish were also shared online.
In Italy, one user shared images appearing to show a university computer lab with machines locked by the same program.
Bitcoin wallets seemingly associated with the ransomware were reported to have already started filling up with cash.
"This is a major cyber attack, impacting organizations across Europe at a scale I've never seen before," said security architect Kevin Beaumont.
Several experts monitoring the situation have linked the attacks to vulnerabilities released by a group known as The Shadow Brokers, which recently claimed to have dumped hacking tools stolen from the NSA.
A patch for the vulnerability was released by Microsoft in March, but many systems may not have had the update installed.
Courtesy: BBC News
