Ransomware virus one of the most devasting viruses was used by hackers to invade and hold various government agencies, hospitals and companies files for ransom on Friday, May 12, 2017.
According to Kurt Baumgartner, a security researcher at Kaspersky Lab the hackers ransom demands started at $300 and increase after two hours to US$400, US$500 and then US$600.
Ransomware attacks are on the rise around the world. In 2016, Hollywood Presbyterian Medical Center in California said it had paid a $17,000 ransom to regain control of its computers from hackers.
Krishna Chinthapalli, a doctor at Britain’s National Hospital for Neurology & Neurosurgery who wrote a paper on cyber security for the British Medical Journal, warned that British hospitals’ old operating systems and confidential patient information made them an ideal target for blackmailers.
In the report, Chinthapalli said many NHS hospitals in Britain use Windows XP software, introduced in 2001, and as government funding for the health service has been squeezed, “IT budgets are often one of the first ones to be reduced.”
“Looking at the trends, it was going to happen. I did not expect an attack on this scale. That was a shock,” said Chinthapalli.
Several weeks ago the security holes it exploits was disclosed by TheShadowBrokers, a mysterious group that continuously published what it claims are hacking tools used by the NSA as part of its intelligence-gathering.
A vulnerability that was allegedly identified by the U.S. appeared to have been exploited by the hackers. National Security Agency for its own intelligence-gathering purposes and was later leaked to the internet.
Microsoft announced shortly after that disclosure, that it had already issued software “patches” for those holes. Nevertheless, a lot of companies and individuals have not installed the fixes, or might still be using older versions of Windows that Microsoft no longer supports and did not fix.
The cyber-attack malware enters companies and organizations when employees click on email attachments, then quickly spreads whenever employees share documents and other files.
Chris Wysopal of the software security firm Veracode said criminal organizations were probably behind the attack, given how quickly the malware spread.
According to Wysopal; “For so many organizations in the same day to be hit, this is unprecedented.”
Britain’s national health service was hit hard, its hospitals forced to close wards and emergency rooms. Spain, Portugal, and Russia were also struck. Several cybersecurity firms said they had identified the malicious software behind the attack in upward of 60 countries, with Russia apparently the hardest hit.
Hospitals across Britain found themselves without access to their computers or phone systems. Many canceled all routine procedures and asked patients not to come to the hospital unless it was an emergency. Doctors’ practices and pharmacies reported similar problems.
Patrick Ward, a 47-year-old sales director, said his heart operation, scheduled for Friday, was canceled at St. Bartholomew’s Hospital in London.
Tom Griffiths, who was at the hospital for chemotherapy, said several cancer patients had to be sent home because their records or bloodwork couldn’t be accessed.
“Both staff and patients were frankly pretty appalled that somebody, whoever they are, for commercial gain or otherwise, would attack a health care organization,” he said. “It’s stressful enough for someone going through recovery or treatment for cancer.”
British Prime Minister Theresa May said there was no evidence patient data had been compromised and added that the attack had not specifically targeted the National Health Service.
“It’s an international attack and a number of countries and organizations have been affected,” she said.
The Russian Interior Ministry confirmed it was among those that fell victim to the “ransomware” — software that locks up a computer and typically flashes a message demanding payment to release the user’s data.
By one security firm’s count, the malware struck at least 74 countries, including the U.S., where its effects seemed muted. In addition to Russia, the biggest targets appeared to be Ukraine and India, nations where it is common to find older versions of Windows in use.
Spain, promptly took steps to protect critical infrastructure in response to the attack. The government said it was communicating with more than 100 energy, transportation, telecommunications and financial services providers about the attack.
Spain’s Telefonica, a global broadband and telecommunications company, was among the companies hit.