Nations grapple with huge cyberattack, but more’s coming – Orange County Register

By ALLEN BREED, JIM HEINTZ and SYLVIA HUI

LONDON (AP) — Teams of technicians worked around the clock Saturday to restore Britain’s crippled hospital network and secure the computers that run factories, banks, government agencies and transport systems in other nations after a global cyberattack.

The worldwide cyberextortion attack is so unprecedented that Microsoft quickly changed its policy, announcing security fixes available for free for the older Windows systems still used by millions of individuals and smaller businesses.

After an emergency government meeting Saturday in London, Britain’s home secretary said one in five of 248 National Health Service trusts had been hit. The onslaught forced hospitals to cancel or delay treatments for thousands of patients, even some with serious aliments like cancer.

Home Secretary Amber Rudd said 48 NHS trusts were affected and all but six were now back to normal. The U.K.’s National Cyber Security Center said it is “working round the clock” to restore vital health services.

Security officials in Britain urged organizations to protect themselves by updating their security software fixes, running anti-virus software and backing up data elsewhere.

Who perpetrated this wave of attacks remains unknown. Two security firms — Kaspersky Lab and Avast — said they identified the malicious software in more than 70 countries. Both said Russia was hit hardest.

And all this may be just a taste of what’s coming, a cyber security expert warned.

Computer users worldwide — and everyone else who depends on them — should assume that the next big “ransomware” attack has already been launched, and just hasn’t manifested itself yet, Ori Eisen, who founded the Trusona cybersecurity firm, told The Associated Press.

The attack held hospitals and other entities hostage by freezing computers, encrypting data and demanding money through online bitcoin payments. But it appears to be “low-level” stuff, given the amounts of ransom demanded, Eisen said Saturday.

He said the same thing could be done to crucial infrastructure, like nuclear power plants, dams or railway systems.

“This is child’s play, what happened. This is not the serious stuff yet. What if the same thing happened to 10 nuclear power plants, and they would shut down all the electricity to the grid? What if the same exact thing happened to a water dam or to a bridge?” he asked.

“Today, it happened to 10,000 computers,” Eisen said. “There’s no barrier to do it tomorrow to 100 million computers.”

This is already believed to be the biggest online extortion attack ever recorded, disrupting services in nations as diverse as the U.S., Russia, Ukraine, Spain and India. Europol, the European Union’s police agency, said the onslaught was at “an unprecedented level and will require a complex international investigation to identify the culprits.”

The ransomware appeared to exploit a vulnerability in Microsoft Windows that was…

Read the full article from the Source…

Back to Top