Global cyberattack: A super-simple explanation of what happened

Posted May 16, 2017

Victims have paid about $30 000 in ransom so far, with the total expected to rise substantially next week, said Tom Robinson, chief operating officer and co-founder of Elliptic Enterprises, a ransomware consultant that works with banks and companies in the United Kingdom, the USA and Europe.

Global investigators hunted Saturday for those behind an unprecedented cyber-attack that affected systems in dozens of countries, including at banks, hospitals and government agencies, as security experts sought to contain the fallout.

Now that this "WannaCry" malware is out there, the world's computer systems are vulnerable to a degree they haven't been before, unless people everywhere move quickly to install Microsoft's security patches.

The U.K.'s National Cyber Security Centre said Sunday that there have been "no sustained new attacks" of the kind that struck Friday.

"Defence Minister Michael Fallon told the BBC that British authorities are spending more than $60 million on safeguarding computer systems", at the NHS, Marx adds.

Update your antivirus software.

"If you have anything to patch, patch it", the researcher said in a blog post.

The attacks used ransomware that apparently exploited a security flaw in Microsoft operating systems, locking users' files unless they pay the attackers a designated sum in the virtual currency Bitcoin. That way if your machine gets infected and your photos and documents are encrypted, you don't need to worry about losing them.

Misner noted that Microsoft released a security update in March to address the WannaCrypt MS17-010 vulnerability, which affected systems running Windows XP, Windows 8 and Windows Server 2003, among others, but does not apply to Windows 10 users. But many corporations don't automatically update their systems, because Windows updates can screw up their legacy software programs.

Security experts advised victims not to cough up the ransom, and Mr Op Gen Oorth said that, so far, relatively few had. Before Friday's attack, Microsoft had made fixes for older systems, such as 2001's Windows XP, available only to those who paid extra for extended technical support.

Infected computers appear to largely be out-of-date devices that organizations deemed not worth the price of upgrading or, in some cases, machines involved in manufacturing or hospital functions that proved too hard to patch without possibly disrupting crucial operations, security experts said. "In short, it has a lot of computers and at least some of them weren't able to withstand an attack like this".

British cybersecurity expert Graham Cluley doesn't want to blame the NSA for the attack.

"[The] worldwide ransomware attack shows what can happen when the NSA or Central Intelligence Agency write malware instead of disclosing the vulnerability to the software manufacturer", Lieu said in a statement. Security researchers said the ransomware was created on code from NSA malware strains that were recently leaked by the mysterious Shadow Brokers hacker group. "But there's clearly some culpability on the part of the U.S. intelligence services".

"Otherwise they're literally fighting the problems of the present with tools from the past". "It's a handy thing to have, but it's a risky thing to have. And that's what's happening right now".