Thursday, November 21, 2024

Cyberattack spreads to 99 countries, blocked in US

Must read

Nigerian High Commission apartments in Ghana demolished

Some new apartments built at the residence of the Nigerian High Commissioner in Ghana’s capital city Accra, have been demolished by bulldozers. The apartments have been constructed to...

Covid-19: Ghana records significant recovery numbers

Ghanaian health officials on Saturday said over 10,000 persons infected with the coronavirus have now recovered. The significant number of recoveries means the country now...

DR Congo: President’s ex-chief of staff jailed 20 years for corruption

The ex-chief of staff of the president of the Democratic Republic of Congo has been jailed 20 years by a high court. Vital Kamerhe was...

Covid-19: Zimbabwe’s health minister arrested, charged for graft

Zimbabwe's Health Minister Obadiah Moyo has been arrested over corruption allegations related to procurement of medical equipment worth $60 million. Moyo is accused of illegally...
Isaac Kaledzihttps://en.wikipedia.org/wiki/Isaac_Kaledzi
Isaac Kaledzi is an experienced and award winning journalist from Ghana. He has worked for several media brands both in Ghana and on the International scene. Isaac Kaledzi is currently serving as an African Correspondent for DW.

About 100 countries have reported a cyberattack that  has infected tens of thousands of computers and especially disrupted Britain’s health system and global shipper FedEx.

Cyber extortionists tricked victims into opening malicious malware attachments to spam emails that appeared to contain invoices, job offers, security warnings and other legitimate files.

The ransomware encrypted data on the computers, demanding payments of $300 to $600 to restore access. Security researchers said they observed some victims paying via the digital currency bitcoin, though they did not know what percent had given in to the extortionists.

Researchers with security software maker Avast said they had observed 57,000 infections in 99 countries, with Russia, Ukraine and Taiwan the top targets.

Some experts said the threat had receded for now, in part because a British-based researcher, who declined to give his name, registered a domain that he noticed the malware was trying to connect to, limiting the worm’s spread.

The malware developers were said to have leveraged hacking tools believed to have been developed by the U.S. National Security Agency.

“We are on a downward slope, the infections are extremely few, because the malware is not able to connect to the registered domain,” said Vikram Thakur, principal research manager at Symantec.

“The numbers are extremely low and coming down fast.”

But the attackers may yet tweak the code and restart the cycle. The British-based researcher who may have foiled the ransomware’s spread told Reuters he had not seen any such tweaks yet, “but they will.”

Finance chiefs from the Group of Seven rich countries will commit on Saturday to join forces to fight the growing threat of international cyber attacks, according to a draft statement of a meeting they are holding in Italy.

“Appropriate economy-wide policy responses are needed,” the ministers said in their draft statement, seen by Reuters.

In Asia, some hospitals, schools, universities and other institutions were affected, although the full extent of the damage is not yet known because it is the weekend.

“I believe many companies have not yet noticed,” said William Saito, a cyber security adviser to Japan’s government.

“Things could likely emerge on Monday.”

China’s official Xinhua news agency said some secondary schools and universities had been affected, without specifying how many or identifying them.

In Vietnam, Vu Ngoc Son, a director of Bkav Anti Malware, said dozens of cases of infection had been reported there, but he declined to identify any of the victims.

South Korea’s Yonhap news agency reported a university hospital had been affected, while a communications official in Indonesia said two hospitals there had been affected.

The most disruptive attacks were reported in Britain, where hospitals and clinics were forced to turn away patients after losing access to computers on Friday.

International shipper FedEx Corp said some of its Windows computers were also infected. “We are implementing remediation steps as quickly as possible,” it said in a statement.

Telecommunications company Telefonica was among many targets in Spain. Portugal Telecom and Telefonica Argentina both said they were also targeted.

Only a small number of U.S.-headquartered organizations were hit because the hackers appear to have begun the campaign by targeting organisations in Europe, said Thakur.

By the time they turned their attention to the United States, spam filters had identified the new threat and flagged the ransomware-laden emails as malicious, Thakur added.

MICROSOFT UPS DEFENCES

The U.S. Department of Homeland Security said it was sharing information with domestic and foreign partners and was ready to lend technical support.

Private security firms identified the ransomware as a new variant of “WannaCry” that had the ability to automatically spread across large networks by exploiting a known bug in Microsoft’s Windows operating system.

The hackers, who have not come forward to claim responsibility or otherwise been identified, likely made it a “worm”, or self spreading malware, by exploiting a piece of NSA code known as “Eternal Blue” that was released last month by a group known as the Shadow Brokers, researchers with several private cyber security firms said.

“This is one of the largest global ransomware attacks the cyber community has ever seen,” said Rich Barger, director of threat research with Splunk, one of the firms that linked WannaCry to the NSA.

The Shadow Brokers released Eternal Blue as part of a trove of hacking tools that they said belonged to the U.S. spy agency.

Microsoft said it was pushing out automatic Windows updates to defend clients from WannaCry. It issued a patch on March 14 to protect them from Eternal Blue.

“Today our engineers added detection and protection against new malicious software known as Ransom:Win32.WannaCrypt,” Microsoft said in a statement on Friday, adding it was working with customers to provide additional assistance.

 

Source: Reuters

- Advertisement -

More articles

- Advertisement -

Latest article

Nigerian High Commission apartments in Ghana demolished

Some new apartments built at the residence of the Nigerian High Commissioner in Ghana’s capital city Accra, have been demolished by bulldozers. The apartments have been constructed to...

Covid-19: Ghana records significant recovery numbers

Ghanaian health officials on Saturday said over 10,000 persons infected with the coronavirus have now recovered. The significant number of recoveries means the country now...

DR Congo: President’s ex-chief of staff jailed 20 years for corruption

The ex-chief of staff of the president of the Democratic Republic of Congo has been jailed 20 years by a high court. Vital Kamerhe was...

Covid-19: Zimbabwe’s health minister arrested, charged for graft

Zimbabwe's Health Minister Obadiah Moyo has been arrested over corruption allegations related to procurement of medical equipment worth $60 million. Moyo is accused of illegally...

Ghana’s new law that jails citizens not wearing facemask 10 years

Ghanaians who fail to wear the face masks in compliance with a presidential directive risk going to jail for ten years. They also face a...