Advertisement

We need your help now

Support from readers like you keeps The Journal open.

You are visiting us because we have something you value. Independent, unbiased news that tells the truth. Advertising revenue goes some way to support our mission, but this year it has not been enough.

If you've seen value in our reporting, please contribute what you can, so we can continue to produce accurate and meaningful journalism. For everyone who needs it.

Mark Schiefelbein

Growing global cyberattack hits 200,000 victims so far and there's more to come

Fears for millions of users who will be turning on their computers tomorrow morning.

THE UNPRECEDENTED GLOBAL cyberattack has hit more than 200,000 victims in scores of countries, Europol said today, warning that the situation could escalate when people return to work.

An international manhunt was well under way for the plotters behind the world’s biggest-ever computer ransom assault.

The indiscriminate attack, which began Friday, struck banks, hospitals and government agencies in more than 150 countries, exploiting known vulnerabilities in old Microsoft computer operating systems.

US package delivery giant FedEx, European car factories, Spanish telecoms giant Telefonica, Britain’s health service and Germany’s Deutsche Bahn rail network were among those hit.

Europol executive director Rob Wainwright said the situation could worsen on Monday as workers return to their offices after the weekend and log on.

“We’ve never seen anything like this,” the head of the European Union’s policing agency told Britain’s ITV television, calling its reach “unprecedented”.

The latest count is over 200,000 victims in at least 150 countries. Many of those victims will be businesses, including large corporations. We’re in the face of an escalating threat. I’m worried about how the numbers will continue to grow when people go to work and turn on their machines on Monday.

The 5,500-strong Renault factory in Douai, northern France, one of the most important car plants in the country, will not open on Monday due to the attack, sources told AFP.

 ’Ooops’ message, $300 ransom

Images appear on victims’ screens demanding payment of $300 (€275 ) in the virtual currency Bitcoin, saying: “Ooops, your files have been encrypted!”

Payment is demanded within three days or the price is doubled, and if none is received within seven days the locked files will be deleted, according to the screen message.

Bitcoin, the world’s most-used virtual currency, allows for anonymous transactions, which happen via heavily encrypted codes.

Experts and governments alike warn against ceding to the demands and Wainwright said few victims so far have been paying up.

US software firm Symantec said that part-way through Saturday, transactions totalling $28,600 had taken place through the five Bitcoin addresses used by the ransomware.

“Paying the ransom does not guarantee the encrypted files will be released,” the US Department of Homeland Security’s computer emergency response team said.

NHS Cyber Attack The NHS was targeted by the attacks. Yui Mok / PA Yui Mok / PA / PA

“It only guarantees that the malicious actors receive the victim’s money, and in some cases, their banking information.”

The culprits used a digital code believed to have been developed by the US National Security Agency, and subsequently leaked as part of a document dump, according to researchers at the Moscow-based computer security firm Kaspersky Lab.

A hacking group called Shadow Brokers released the malware in April, claiming to have discovered the flaw from the NSA, Kaspersky said.

The attack is unique, according to Europol, because it combines ransomware with a worm function, meaning once one machine is infected, the entire internal network is scanned and other vulnerable machines are infected.

The attack therefore spread faster than previous, smaller-scale ransomware attacks.

Microsoft said the situation was “painful” and that it was taking “all possible actions to protect our customers”.

It issued guidance for people to protect their systems, while taking the highly unusual step of reissuing security patches first made available in March for Windows XP and other older versions of its operating system.

Banks, trains and automobiles 

Symantec said the majority of organisations affected were in Europe.

The companies and government agencies targeted were diverse.

Europol’s Wainwright said few banks in Europe had been affected, having learned through the “painful experience of being the number one target of cyber crime” the value of having the latest cyber security in place.

Russia’s interior ministry said some of its computers had been hit, while the country’s banking system was also attacked, although no problems were detected, as was the railway system.

World-wide Cyber Attacks hits German Railways A display panel with an error can be seen at the main railway station in Leipzig, DPA / PA Images DPA / PA Images / PA Images

French carmaker Renault was forced to stop production at sites in France, Slovenia and Romania, while FedEx said it was “implementing remediation steps as quickly as possible”.

Germany’s rail operator Deutsche Bahn said its station display panels were affected. Universities in China, Italy and Greece were also hit.

Meanwhile G7 finance ministers meeting in Italy vowed to unite against cyber crime, as it represented a growing threat to their economies and should be tackled as a priority.

The danger will be discussed at the G7 leaders’ summit next month.

The US Treasury Department said it will play a “leading role” in protecting the global financial system’s IT infrastructure.

US Treasury Secretary Steven Mnuchin “has made protecting America’s financial infrastructure from cyberattacks a top priority,” a senior department official told reporters on the return flight from Italy.

© – AFP 2017

Read: Ibec calls for more funding to protect businesses following cyber attack >

Read: A Dublin startup is trying to stop millennial workers from quickly switching jobs >

Author
View 40 comments
Close
40 Comments
    Install the app to use these features.
    Mute Darren Boothman
    Favourite Darren Boothman
    Report
    May 14th 2017, 7:16 PM

    Paul Williams reporting shin fein behind this savage act

    64
    Install the app to use these features.
    Mute Tony Daly
    Favourite Tony Daly
    Report
    May 14th 2017, 7:21 PM

    @Darren Boothman: yes, SF “tugs” and such based on his reliable confidential and highly discreet sources in An Garda Siochana.

    41
    Install the app to use these features.
    Mute Darren Boothman
    Favourite Darren Boothman
    Report
    May 14th 2017, 7:28 PM

    @Tony Daly: yea his sources told him shin fein terrorist tugs and those who vote for them are the same!!!!!!! Bell end that he is , rte’s judge jury executioner

    38
    See 2 more replies ▾
    Install the app to use these features.
    Mute Tony Daly
    Favourite Tony Daly
    Report
    May 14th 2017, 7:33 PM

    What is Paul William’s current unofficial rank in An Garda Siochana? It was Superintendent but I hear he wants a Chief Super. Rank.

    18
    Install the app to use these features.
    Mute John003
    Favourite John003
    Report
    May 14th 2017, 9:06 PM

    @Darren Boothman: Sorry to tell you this but RTE is very kind and good to SF ……Ask Mary Lou….

    2
    Install the app to use these features.
    Mute Gerard
    Favourite Gerard
    Report
    May 14th 2017, 7:29 PM

    The price you pay for turning your nose up at the expense and inconvenience of keeping systems up-to-date.

    34
    Install the app to use these features.
    Mute Paraic McDonagh
    Favourite Paraic McDonagh
    Report
    May 14th 2017, 8:17 PM

    @Gerard: Linux is free.

    27
    Install the app to use these features.
    Mute Mick Tobin
    Favourite Mick Tobin
    Report
    May 14th 2017, 10:23 PM

    @Paraic McDonagh: I’m running two dual boot Linux/Windows systems. Haven’t booted into Windows for a while on either of them.

    But I’ll be switching off my modem and applying the patch from a usb as soon as I do. Primary source has not yet been ascertained, and it cannot be ruled out that you may be infected via a port scan without doing anything within minutes from logging on. Even on a home system.

    And I’m not so sure how long the idea that you are safe with Linux is going to hold, particularly since the threat apparently originated from an NSA hacking method. But admittedly you’d probably have to be lured into running something with administrator privileges from the command line.

    4
    See 2 more replies ▾
    Install the app to use these features.
    Mute Patrick J. O'Rourke
    Favourite Patrick J. O'Rourke
    Report
    May 15th 2017, 12:05 AM

    @Mick Tobin: Very true. Those of us who run Linux are concerned that if everyone did we would be a target as it would be worth their while. The NSA would have built code to deal with any OS too, especially Unix due to their targets. There’s no reports of a Linux variant being deployed as yet. They will go for the Macs first. As you say, it would need to be good con to get users to fall for the process with the privileges needed to run it. For the comedy factor it might involve stereotypes “Sudo this code into the terminal to get two sacks of wholegrain rice, a glamping teepee, sandals made from tyres in Africa and a donation to the fight for the honeybee against nasty multinational poison merchants all for free”. I thought I’d say it first.

    3
    Install the app to use these features.
    Mute Gerard
    Favourite Gerard
    Report
    May 15th 2017, 10:35 AM

    @Paraic McDonagh: Linux still requires someone to manage the systems and ensure they are updated. Or a department to do so, for larger companies.

    1
    Install the app to use these features.
    Mute Tony Gordon
    Favourite Tony Gordon
    Report
    May 14th 2017, 8:15 PM

    Smugly sitting on my supposedly overpriced iPhone, iPad and iMac, wondering what all the fuss is about!

    32
    Install the app to use these features.
    Mute Scorpionvenomm
    Favourite Scorpionvenomm
    Report
    May 14th 2017, 8:16 PM

    @Tony Gordon: that won’t save you

    14
    Install the app to use these features.
    Mute Tony Daly
    Favourite Tony Daly
    Report
    May 14th 2017, 8:45 PM

    @Tony Gordon: some of us have to use Windows in a business and professional environment but I’m sure that we are all happy that you subscribe to the Apple religion.

    25
    See 3 more replies ▾
    Install the app to use these features.
    Mute Tony Gordon
    Favourite Tony Gordon
    Report
    May 14th 2017, 9:21 PM

    @Scorpionvenomm: has served me very well to date.

    4
    Install the app to use these features.
    Mute Tony Gordon
    Favourite Tony Gordon
    Report
    May 14th 2017, 9:24 PM

    @Tony Daly:

    1
    Install the app to use these features.
    Mute Virtual Architect
    Favourite Virtual Architect
    Report
    May 14th 2017, 10:56 PM

    @Tony Gordon: i presume you have anti virus on them, right?

    1
    Install the app to use these features.
    Mute Tony Daly
    Favourite Tony Daly
    Report
    May 14th 2017, 7:15 PM

    Is the threat limited to Windows XP?

    25
    Install the app to use these features.
    Mute Damocles
    Favourite Damocles
    Report
    May 14th 2017, 7:21 PM

    @Tony Daly: any windows version could be at risk.

    If your PC has been offline since Friday you may be at risk when you log in on Monday morning if there are infected machines on your network and it hasn’t been patched.

    What you might like to do is disconnect from the network when you get in, boot up and, if you have local admin rights apply the patch from a USB.

    Ultimately though follow the instructions of your IT department.

    53
    Install the app to use these features.
    Mute Tony Daly
    Favourite Tony Daly
    Report
    May 14th 2017, 7:24 PM

    Thanks. That is very helpful.

    21
    See 1 more reply ▾
    Install the app to use these features.
    Mute Avina Laaf
    Favourite Avina Laaf
    Report
    May 14th 2017, 9:03 PM

    Perhaps now people will finally realise that there are real-world consequences to uncontrolled document leaks.
    Thanks very much Mr. Assange, you played a blinder…
    *slow hand clap*

    7
    Install the app to use these features.
    Mute Tony Daly
    Favourite Tony Daly
    Report
    May 14th 2017, 7:34 PM

    I just checked. I have the right patches installed.

    Avoid links and attachments unless they are familiar.

    19
    Install the app to use these features.
    Mute Niall Burke
    Favourite Niall Burke
    Report
    May 14th 2017, 11:07 PM

    I think they should wipe out everyone’s debt! Now that would be a cyber attack to celebrate!!! #forthecraic

    17
    Install the app to use these features.
    Mute Neil
    Favourite Neil
    Report
    May 14th 2017, 7:35 PM
    7
    Install the app to use these features.
    Mute Damocles
    Favourite Damocles
    Report
    May 14th 2017, 7:42 PM

    @Neil: a temporary fix at best. The guy who spotted it and put in the fix has advised people that they should continue to take measures.

    9
    Install the app to use these features.
    Mute Dave Doyle
    Favourite Dave Doyle
    Report
    May 14th 2017, 7:21 PM

    I’m using what’s supposed to be a good, encrypted, untrackable browser, and i can choose where my IP address is from. Presently it’s Singapore.
    I’ve reasonable general protection. So i hope it’s enough!!

    6
    Install the app to use these features.
    Mute Scorpionvenomm
    Favourite Scorpionvenomm
    Report
    May 14th 2017, 7:57 PM

    @Dave Doyle: don’t go online, sorted !!

    6
    Install the app to use these features.
    Mute The Throwaway
    Favourite The Throwaway
    Report
    May 14th 2017, 8:50 PM

    @Dave Doyle: the issue has nothing to do with where your IP is bouncing off. As long as you have traffic (i.e. Whatever you’re looking at online) been sent back to your pc, then you’re as much at risk as anyone else.

    16
    See 1 more reply ▾
    Install the app to use these features.
    Mute James O Donoghue
    Favourite James O Donoghue
    Report
    May 14th 2017, 11:11 PM

    David your ip overseas is just as risky as an Irish ip. These worms generate ip addresses at random. Just need to patch up.

    5
    Install the app to use these features.
    Mute Tony Daly
    Favourite Tony Daly
    Report
    May 14th 2017, 7:58 PM

    For Windows 10, check that you have security patch MS17-010 installed. It was issued in March. There are earlier patches but I’m told that this is the most effective.

    Security Patches for other Windows versions are easily available.

    Administrator clearance may be required.

    5
    Install the app to use these features.
    Mute Martin Carter
    Favourite Martin Carter
    Report
    May 14th 2017, 9:21 PM

    Buy & Hold Bitcoin

    4
    Install the app to use these features.
    Mute James Onedin
    Favourite James Onedin
    Report
    May 14th 2017, 8:50 PM

    I get that sometimes on the BPW’s, just disconnect from the network, close down the offending page, then the browser and bob’s your uncle.

    3
    Install the app to use these features.
    Mute Kieran Stafford
    Favourite Kieran Stafford
    Report
    May 14th 2017, 8:31 PM

    Scary documentary about this stuff called zero days. Well worth a watch

    3
    Install the app to use these features.
    Mute The Throwaway
    Favourite The Throwaway
    Report
    May 14th 2017, 8:53 PM

    @Kieran Stafford: I was wondering if it was a variant of Olympic Games (stuxnet). It would appear more so than the NSA been the ones responsible, it was the reckless use of the programme by Israel that put it out into the open. This article seemed to suggest that the coding was leaked via NSA file dump, whereas the OG/Stux was ‘out there’ from the Israelis.

    6
    Install the app to use these features.
    Mute John003
    Favourite John003
    Report
    May 14th 2017, 9:19 PM

    @The Throwaway: Thoes Jews again causing problems….Thanks for letting us know we shoukd have known

    4
    See 2 more replies ▾
    Install the app to use these features.
    Mute Kieran Stafford
    Favourite Kieran Stafford
    Report
    May 14th 2017, 9:29 PM

    @The Throwaway: that would be an ecumenical matter

    1
    Install the app to use these features.
    Mute James O Donoghue
    Favourite James O Donoghue
    Report
    May 14th 2017, 11:15 PM

    Nah its just picking up on registry weaknesses. Kinda same as other viruses in past such as msblaster. The nsa just pointed out the entry path these criminals exploited it. Idiots really. The UK government will go after them and will get them.

    1
    Install the app to use these features.
    Mute brian boru
    Favourite brian boru
    Report
    May 15th 2017, 8:17 AM

    Microsoft said the situation was “painful” and that it was taking “all possible actions to protect our customers”.

    Except providing any sort of solution to their crappy software problem. Microsoft make money they do not care about their customers.

    In my opinion Microsoft should have full liability for this issue. This is a flaw in their product yet for some reason they have no responsibility for the problem in fact they use the problem to sell the latest version of their software.

    2
    Install the app to use these features.
    Mute johnnypaully
    Favourite johnnypaully
    Report
    May 14th 2017, 11:51 PM

    Duck and Cover!

    1
Submit a report
Please help us understand how this comment violates our community guidelines.
Thank you for the feedback
Your feedback has been sent to our team for review.
JournalTv
News in 60 seconds