Using a tool likely stolen from the United States intelligence community, hackers launched a massive cyberattack across the world on Friday, hitting government agencies and other organizations in up to 75 countries.
The malicious code called “WannaCry” locks down computer systems, forcing users to wire cash payments to receive a code to unlock systems, authorities said Friday, Breitbart reported.
“Affected machines have six hours to pay up and every few hours the ransom goes up,” Kurt Baumgartner, the principal security researcher at Kaspersky Lab, told CNN. “Most folks that have paid up appear to have paid the initial $300 in the first few hours.”
Security experts say the attack exploits the Server Message Block (SMB) critical vulnerability that Microsoft tried to patch on March 14. The 0day exploit, aka ETERNALBLUE, believed to be an NSA exploit tool, initially was leaked by the hacker group Shadowbrokers, prompting a patch from Microsoft.
Experts say that the ransomware code is a “hunter module” that spreads across the Internet seeking computer systems that are vulnerable to its attack. The best way to prevent an attack is for systems managers to be sure all the most current patches are applied to their systems.
The malware is also spread by malicious emails, so users are again advised not to open any email they are suspicious of or messages from people they do not know.
Edward Snowden, the former NSA contractor who in 2013 leaked details of America's surveillance programs, has blamed the intelligence agency for not preventing the global cyber attack on Friday. "Despite warnings, (NSA) built dangerous attack tools that could target Western software," Mr Snowden said. "Today we see the cost."
He said Congress should be asking the NSA if it is aware of any other software vulnerabilities that could be exploited in such a way. "If [the NSA] had privately disclosed the flaw used to attack hospitals when they found it, not when they lost it, this may not have happened," he added, Telegraph.co.uk reports.