Microsoft Windows users, particularly in the oil, banking and other industries, suffered work disruption after a second attack hit a huge number of users on Tuesday, June 27. The virus is a ransomware that is similar to “WannaCry”, a ransomware crytoworm that infected more than 300,000 computers in May this year.
Most of those affected by the attack are companies in Russia and Ukraine, including Russia’s biggest oil company, the Ukrainian banks. and multinational firms.
These attacks that are meant to instigate cyber extortion has become a major concern to businesses, as the attackers were able to shut down critical infrastructures and cripple corporate and government networks.
Cyber experts believe that the ransomware contains “Eternal Blue.” a cyber weapon that was stolen from the US National Security Agency (NSA) and may possibly have been used in “WannaCry” too.
The attack froze computers by encrypting hard drives and overwriting files. The perpetrators sent a screen message demanding $300 worth of bitcoin payments to restore access to their computers and 30 victims fell for this trap. A message that says "Perhaps you are busy looking for a way to recover your files, but don't waste your time. Nobody can recover your files without our decryption service” is flashed onscreen and restricts access to the computer of the affected areas, putting all operations on a standstill.
Microsoft said that they are still conducting an investigation on the matter and are taking appropriate actions to protect its customers. According to them, the virus may have been able to infect computers due to flaws that were patched in a March 2017 security update. They have assured their customers that Microsoft’s antivirus software detects and removes it.
There are other victims from Britain, France, Germany, Italy, Poland, and the United States. However the total number of attacks globally is yet to be known.
According to research, the ransomware has the DNA of earlier malwares “Petya” and “GoldenEye.” Though the impact of the recent attack was said to have been smaller than WannaCry, analysis on the attack by Juniper Network said the attack could be more dangerous than traditional versions of ransomwares.
The attack had already been contained, thanks to the 22-year old British security researcher Marcus Hutchins who created “kill switch,” the countermeasure used to slow down WannaCry and the said recent attack. Other countries are already coordinating with the US Department of Homeland Security to avoid suffering the same fate, while the latter advised people not to pay the extortion money because this does not guarantee restoration of access. Meanwhile, the White House National Security Council said in a statement that there is no public safety risk at the moment.
|Photo By: HypnoArt / Pixabay|