Since Friday 12 May, a dramatic cyber-attack targeting Microsoft Windows is affecting businesses, banks and hospitals across the world. The infection is caused by a
ransomware named WannaCry – a malicious software that encrypts the victim’s hard drive, holding his data hostage. Criminals demand a $300
paymentA transfer of funds which discharges an obligation on the part of a payer vis-à-vis a payee. More in
bitcoinBitcoin is commonly said to be a cryptocurrency, a digital means of exchange developed by a set of anonymous authors under the pseudonym of Satoshi Nakamoto, which began operating in 2009 as a community project (Wikipedia type), without the relationship or dependency of any government, state, company or body, and whose value (formed by a complicated system of mathematical algorithms and cryptography) is not supported by any central bank or authority. Bitcoins are essentially accounting entries i... More to release the decryption key. As of now, more than 200,000 computers have been affected in 150 countries,
EuropolA body created within the European Union (EU) which supports the EU Member States in the fight against terrorism, cybercrime and other serious and organised forms of crime, like currency counterfeiting. More says, and
1.3 million systems are still vulnerable.
The attack is believed to have started in Spain and then rapidly spread to the United Kingdom, United States and the rest of the world. Employees across companies found themselves locked out of their computers and lost access to their files. According to cybersecurity firm Kaspersky Lab, Russia, Ukraine and India registered the greatest number of attacks, but the consequences were especially alarming in the United Kingdom, where hospitals and clinics were targeted. Leading organisations affected include Spanish mobile operator Telefónica, French carmaker Renault, German railways Deutsche Bahn, the Russian ministry of the interior and FedEx US branches.
To spread across the network, WannaCry uses EternalBlue, a hacking tool developed by the NSA that was leaked online last year by a group known as the “Shadow Brokers”. The program exploits a security loophole in Windows system that allows WannaCry to spread through common file-sharing protocols such as dropboxes or shared drives. Various companies had to stop all their activities to avoid further troubles.
Fortunately, the attack could be held back quickly thanks to the intervention of a 22-year old British cyber-analyst, who identified and activated an effective “kill switch” coded into WannaCry by its creators. Nevertheless, the solution is only temporary and experts warn that the ransomware might continue spreading in the coming days as the criminals have not been identified yet. Hackers communicate with WannaCry via TOR, a network developed by the US Navy that allows users to hide their locations and thus makes them almost impossible to track.