Brace for a new wave of ransomware attacks Monday morning, global authorities are warning computer users and organizations today.
So far, one of the worst cyberattacks in recent memory has hit computers in 150 countries, Europol said, with a virus named WannaCry encrypting files and demanding ransom from victims. The software can run in 27 different language, according to U.S. cybersecurity officials.
During the weekend, spread of the malware slowed for a variety of reasons (including this heroic effect by a security researcher). But as workers return Monday morning, a fresh round of infections could occur, authorities have warned.
“It is important to understand that the way these attacks work means that compromises of machines and networks that have already occurred may not yet have been detected, and that existing infections from the malware can spread within networks,” wrote the U.K.’s National Cyber Security Centre. “This means that as a new working week begins it is likely, in the UK and elsewhere, that further cases of ransomware may come to light, possibly at a significant scale.”
On Friday, health organizations across the United Kingdom were hit particularly hard. Reuters reported that hospitals were canceling surgeries and turning away non-emergency patients to deal with the crisis.
WannaCry-infected computers notify victims with a menacing looking pop up that demands about $300 in bitcoins to restore the files. Security expert Brian Krebs reported that thousands of victims have paid the ransom.
A confluence of events led to discovery of and then spread of the devastating malware. The technology behind WannaCry was actually developed by the National Security Agency in the U.S., then stolen by hackers using the moniker Shadow Crew. It attacks unpatched Microsoft Windows computers. Most modern Windows PCs were automatically updated to prevent the exploit, but older computers — those running Windows XP, for example — are no longer routinely supported by Microsoft. Many of those were unpatched, and an easy mark for WannaCry.
U.K. hospitals had thousands of these older machines; that’s why the virus hit hard there. I’ve reported earlier on why health care providers often have older computers. Many run single tasks, and are rarely updated, or even noticed, by IT staff.
Microsoft has now offered security patches for older Windows machines, and technicians have spent the weekend racing to updates those computers.
The U.S. Computer Emergency Readiness Team, part of Homeland Security, urged U.S. victims to contact the FBI.
Computer users who arrive at work on Monday morning should make sure as their first task that their computers have been updated with any security patches. That might require a restart.
Meanwhile, virus creators and copycats are already working on variants of the malware, hoping to re-start its spread.
The U.K.’s National Security Cybre Centre has offered this three-step protection plan for home users and small businesses. Critically, it recommends (as I do) that good backups are the one, true protection against cyber attacks.
“You can’t be held to ransom if you’ve got the data somewhere else,’ it says.
1. Run Windows Update
2. Make sure your antivirus product is up to date and run a scan – if you don’t have one install one of the free trial versions from a reputable vendor
3. If you have not done so before, this is a good time to think about backing important data up – you can’t be held to ransom if you’ve got the data somewhere else.
Follow this story: AlertMe
If you’ve read this far, perhaps you’d like to support what I do. That’s easy. Buy something from my NEW LIBRARY AND E-COMMERCE PAGE, Sign up for my free email list, click on an advertisement, or just share the story.