Factories, businesses and governments around the world are coming to terms with the largest ransomware attack observed in history.
WannaCrypt/WannaCry ransomware has affected Windows XP systems across the globe.
Image: Cisco Talos
Organizations across the globe are coming to terms with the massive ransomware attack which crippled IT infrastructure on an unprecedented scale.
More than 200,000 victims in 150 countries have so far been confirmed as falling victim to the WannaCry ransomware, also known as WannaCrypt and WCry, in what Europol has dubbed “the largest ransomware attack observed in history”
The ransomware is so effective because once one PC is infected, it will scan the entire internal network and infect other vulnerable devices, with those running unsupported Microsoft operating systems such as Windows XP bearing the brunt of the attacks.
The UK’s National Health Service became one of the first high-profile victims of the outbreak, but many other organizations around the world have suffered due to the ransomware.
Russia has been one of the worst affected countries by the attack, with WannaCry crashing systems at Russian banks, phone networks and IT systems supporting transport infrastructure.
China was also hit hard by the attack, with 29,000 organizations in total falling victim to the ransomware. Chinese government bodies for transport, industry, social security and immigration are among those which became infected with WannaCry, while schools colleges and an energy firm have been hit according to reports.
Car manufacturer Renault was another high-profile victim of the cyberattack which affected factories at sites in France, Romania and the UK. As of Monday morning, Renault said 90 percent of its sites were back up and running as normal as businesses attempt to move on from the incident.
World leaders have been reacting to the attack, with White House officials confirming that US President Donald Trump ordered an emergency meetings to address the issue.
While the UK’s NHS found itself a victim of the ransomware, Prime Minister Theresa May has said the NHS was not specifically targeted. The UK government held a ‘Cobra’ crisis-committee meeting to coordinate a government response to the incident over the weekend and is set to hold a second meeting in response to the Wannacry outbreak this afternoon. Home Secretary Amber Rudd is due to chair the meeting, with Health Secretary Jeremy Hunt also to attend.
“It is much as it was at the moment but we’ve also said this is a very complex issue and we need to keep abreast of what’s happening,” a spokesperson for Number 10 told reporters.
As leader of one of the countries most affected by WannaCry, Russian President Vladimir Putin has spoken out about the attacks — insisting the country isn’t responsible for the spread of the ransomware.
“Russia has absolutely nothing to do with it. I find it strange that in these circumstances too I am hearing something to the contrary,” he said.
Putin also took a swipe at US intelligence agencies. “I think the leadership of Microsoft have said directly that the United States’ special services were the original source of this virus”.
Researchers have suggested the ransomware attacks are so potent because they exploit a known software flaw dubbed EternalBlue.
This Windows flaw is one of a number of zero-days vulnerabilities which apparently was known about the NSA — before being leaked by the Shadow Brokers hacking collective.
Microsoft released a patch for the vulnerability earlier this year – but only for the most recent operating systems. The company took the unprecedented step of releasing an emergency patch for Windows XP and other unsupported operating systems over the weekend.
While there’s currently yet to be the feared second spike in WannaCry incidents as a result of people returning to work on Monday, the UK’s National Crime Agency warned that it “doesn’t mean there won’t be one”.
Organizations have been warned to stay vigilant in order to protect against additional damage being caused by the WannaCry outbreak.
New samples of WannaCrypt variants have been discovered in the wild but they’ve yet to pose the same threat as the first ransomware attack wave