Turkey among countries hit in cyberattack

Candice Alexander
May 14, 2017

The malicious software behind the onslaught appeared to exploit a vulnerability in Microsoft Windows that was supposedly identified by the National Security Agency for its own intelligence-gathering purposes and was later leaked to the internet.

Dozens of countries were hit with by the ransomware attack on Friday that locked up computers and held users' files for ransom at a multitude of hospitals, companies and government agencies. The National Cyber Security Centre said it had detected 188 "high-level" attacks in just three months.

Two security firms - Kaspersky Lab and Avast - said they had identified the malicious software behind the attack in upward of 70 countries, although both said the attack has hit Russian Federation hardest.

Xinhua state news agency said some secondary schools and universities were hit.

TORONTO/FRANKFURT, May 13 (Reuters) - Businesses around the world scrambled on Saturday to prepare for a renewed cyber attack, convinced that a lull in a computer offensive that has stopped auto factories, hospitals, schools and other organizations in around 100 countries was only temporary. Lieu said it is "deeply disturbing" the NSA likely wrote the original malware used to ransom computers. "We are implementing remediation steps as quickly as possible", it said in a statement.

"Seeing businesses and individuals affected by cyberattacks, such as the ones reported today, was painful", says Phillip Minser, Principal Security Group Manager at Microsoft.

The virus spread quickly because the culprits used a digital code believed to have been developed by the US National Security Agency - and subsequently leaked as part of a document dump, according to researchers at the Moscow-based computer security firm Kaspersky Lab.

Making the domain active appears to have stunted the spread of the worm, Thakur said on Saturday.

But the attackers may yet tweak the code and restart the cycle. The National Center for the Protection of Critical Infrastructure says Friday it was communicating with more than 100 providers of energy, transportation, telecommunications and financial services about the attack.

Windows 10 users with the March security update or the Creators Update remain unaffected by the ransomware. Portugal Telecom and Telefonica Argentina both said they were also targeted. WannaCry exploited common techniques employees use to share files via a central server.

On Saturday, a cyber security researcher told AFP he had accidentally discovered a "kill switch" that could prevent the spread of the ransomware.

Portugal's Sobral Wins Eurovision Contest With Tender Ballad
Russian Federation responded by refusing to air the contest and viewers in separatist eastern Ukraine were also unable to watch. The authorities handed out a map of gay-friendly venues to fans of the contest with a massive gay following.

Mom of Ohio boy who killed himself vows he "will be heard"
System spokeswoman Janet Walsh said the video would be released "when it's ready", possibly later Thursday or Friday. The coroner's spokesman said Friday that Sammarco wasn't available to discuss the investigation being reopened.

Watch out! Melissa McCarthy as Sean Spicer drives her podium through NYC
The video ends with her made up and dressed as Spicer, as opposed to a character in the Stephen Sondheim musical. She also reprised Spicer in the Jimmy Fallon episode on April 15, giving a special "Easter message".

An exterior view shows the main entrance of St Bartholomew's Hospital, in London, one of the hospitals whose computer systems were affected by a cyberattack, Friday, May 12, 2017.

French carmaker Renault SA halted production at some factories to stop the virus from spreading, a spokesman said Saturday, while Nissan Motor Co.'s United Kingdom auto plant in Sunderland, in northeast England, was affected without causing any major impact on business, an official said. It's nice of Microsoft to make this security update broadly available, but it's also imperative for Redmond to do so - after all, the reputation of Windows is on the hook.

The links for this security patch are available on Microsoft's blog.

Still, Microsoft's release of the patch ensures that companies, and home users, may patch their devices to protect them against the attack.

Bart's Health, which runs several London hospitals, said it had activated its major incident plan, cancelling routine appointments and diverting ambulances to neighboring hospitals.

The cyberattack that spread malicious software around the world, shutting down networks at hospitals, banks and government agencies, was stemmed by a young British researcher and an low-cost domain registration, with help from another 20-something security engineer in the U.S.

Capitalizing on spying tools believed to have been developed by the US National Security Agency, the cyber assault has infected tens of thousands of computers in almost 100 countries, with Britain's health system suffering the worst disruptions.

"It's an worldwide attack and a number of countries and organisations have been affected", she said.

"Seeing a large telco like Telefonica get hit is going to get everybody anxious".

"When any technique is shown to be effective, there are almost always copycats", said Steve Grobman, chief technology officer of McAfee, a security company in Santa Clara, California.

The news is also likely to embolden extortionists when selecting targets, Chris Camacho, chief strategy officer with cyber intelligence firm Flashpoint, said.

Other reports by VgToday

Discuss This Article