Latest
Recommended
Published: Mon, May 15, 2017
Economy | By Melissa Porter

Chinese universities hit by extortion attack

Chinese universities hit by extortion attack

Friday's attack was unprecedented in its reach with more than 200,000 victims in at least 150 countries but warns of a more escalating threat as the number of victims will grow when people go to work and turn their machines on Monday morning, CNN quoted Rob Wainwright, the head of the European Union's law enforcement agency Europol as saying.

He began analyzing a sample of the malicious software and noticed its code included a hidden web address that wasn't registered.

A cybersecurity expert says the biggest cyberextortion attack in history is going to be dwarfed by the next big ransomware attack.

Europol spokesman Jan Op Gen Oorth said it was too early to say who was behind the onslaught and what their motivation was.

But MalwareTech said sinkholing would only stop the spread until hackers removed the domain check and tried again.

Across an ocean, Darien Huss, a 28-year-old research engineer for the cybersecurity firm Proofpoint, was doing his own analysis. Once inside an organisation's network, the malware behind the attack spread rapidly using this vulnerability.

The Russian Interior Ministry said some of its computers had been hit by a "virus attack".

French carmaker Renault said this morning it was among those hit by the global ransomware cyber attack that has infected tens of thousands of computers in almost 100 countries. "They're processing a lot of sensitive data", he said. A top Russian mobile operator said Friday it had come under cyberattacks that appeared similar to those that have crippled some United Kingdom hospitals.

Who perpetrated this wave of attacks remains unknown.

British Home Secretary Amber Rudd said on Saturday that 45 public health organisations were hit, but she stressed that no patient data had been stolen. Omer Fatih Sayan said the country's cyber security centre was continuing operations against the malicious software.

This is already believed to be the biggest online extortion attack ever recorded, disrupting computers that run factories, banks, government agencies and transport systems in nations as diverse as Russia, Ukraine, Brazil, Spain, India and the US.

But he said it would be straightforward for the existing attackers to launch new releases or for other ransomware authors to start copying the way the malware replicated.

The security holes it exploits were disclosed several weeks ago by TheShadowBrokers, a mysterious group that has published what it says are hacking tools used by the NSA as part of its intelligence-gathering.

Around a fifth of trusts were hit amid concerns networks were left vulnerable because they were still using outdated Windows XP software.

"Paying the ransom does not guarantee the encrypted files will be released", the U.S. Department of Homeland Security's computer emergency-response team said.

The attack has plunged Britain's health service into disarray, and affected French auto manufacturers, Russian banks, and a Spanish telecoms operator, according to reports on Saturday.

It demands users pay United States dollars 300 worth of cryptocurrency Bitcoin to retrieve their files, though it warns that the payment will be raised after a certain amount of time. But it appears to be "low-level" stuff, Eisen said Saturday, given the amount of ransom demanded - $300 at first, rising to $600 before it destroys files hours later.

He said banks had so far not borne the brunt of the attack. AP reporter Jim Heintz contributed from Moscow.

Like this: