according to the diagram, russia took ten times as many hits as anybody else

Countries hit by WannaCry cyber-attacks: Russia is worst affected
Danya Bazaraa, Daily Mirror (UK), May 12 2017


More than 45,000 attacks of the WannaCry ransomware have been recorded in 74 countries around the world, according to reports. Security researchers at Kapersky Lab said that Russia was the worst hit. Other countries that were in the top 20 worst affected included Ukraine, India, Taiwan, China, Romania, Egypt, Iran, Brazil, Spain and Italy. Around 1,000 computers at the Russian Interior Ministry have been affected by the huge cyber-attack that hit countries including Britain and Spain today, a spox for the ministry told Interfax. The ministry reportedly did not lose any information in these attacks. Tech firm F-Secure said it has received reports from more than 60 countries. Mikko Hypponen, its chief research officer, called it “the biggest ransomware outbreak in history.” And the Director of Global Research and Analysis Team at Kaspersky Lab said the number of cyber attacks is still growing. Researchers believe a criminal organisation is behind this, given its sophistication. Kurt Baumgartner, principal security researcher at Kaspersky, said the malware has translations in dozens of languages,and instructions for paying the ransom are displayed in the language set for that computer.


Dozens of countries hit by huge cyber-extortion attack
Jill Lawless, Aritz Parra, AP, May 12 2017

Dozens of countries were hit with a huge cyberextortion attack Friday that locked up computers and held users’ files for ransom at a multitude of hospitals, companies and government agencies. It was believed to the biggest attack of its kind ever recorded. The malicious software behind the onslaught appeared to exploit a vulnerability in Microsoft Windows that was supposedly identified by the NSA for its own intelligence-gathering purposes and was later leaked to the internet. Russia appeared to be the hardest hit, according to security experts, with the country’s Interior Ministry confirming it was struck. All told, several cyber-security firms said they had identified the malicious software, which so far has been responsible for tens of thousands of attacks, in more than 60 countries. That includes Pindostan, although its effects there didn’t appear to be widespread, at least initially. The attack infected computers with ransomware that locks up the user’s data and flashes a message demanding payment to release it. It appeared to be caused by a self-replicating piece of software that enters companies and organizations when employees click on email attachments, then spreads quickly internally from computer to computer when employees share documents and other files. Its ransom demands start at $300 and increase after time not paid to $600, said Kurt Baumgartner, a security researcher at Kaspersky Lab. Affected users can restore their files from backups, if they have them, or pay the ransom; otherwise they risk losing their data entirely. Chris Wysopal of the software security firm Veracode said:

Criminal organizations are probably behind the attack, given how quickly the malware spread. For so many organizations in the same day to be hit, this is unprecedented.

The security holes it exploits were disclosed several weeks ago by  the Shadow Brokers, a mysterious group that has published what it says are hacking tools used by the NSA as part of its intelligence-gathering. Shortly after that disclosure, Microsoft announced that it had already issued software “patches” for those holes. But many companies and individuals haven’t installed the fixes yet, or are using older versions of Windows that Microsoft no longer supports and didn’t fix. By Kaspersky Lab’s count, the malware struck at least 74 countries. In addition to Russia, the biggest targets appeared to be Ukraine and India, nations where it is common to find older, unpatched versions of Windows in use, according to the security firm. Spain, meanwhile, took steps to protect critical infrastructure in response to the attack. Authorities said they were communicating with more than 100 energy, transportation, telecommunications and financial services providers about the attack. Spain’s Telefonica, a global broadband and telecommunications company, was among the companies hit. Ransomware attacks are on the rise around the world. In 2016, Hollywood Presbyterian Medical Center in California said it had paid a $17k ransom to regain control of its computers from hackers.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.