Ransomware hits China schools; Europe fears more attacks

Regolare Commento Stampare

Officials across the globe scrambled to catch the culprits behind a massive ransomware worm that disrupted operations at vehicle factories, hospitals, shops and schools, while Microsoft pinned blame on the U.S. government for not disclosing more software vulnerabilities.

Wainwright added that what occurred was an indiscriminate attack across the world on multiple industries and services including Germany's rail network Deutsche Bahn, Spanish telecommunications operator Telefonica, US logistics giant FedEx and Russia's interior ministry.

Attackers have demanded $300 to $600 to unlock encrypted files.

Qihoo had previously said the attack had infected close to 30,000 organisations by Saturday evening, more than 4,000 of which were educational institutions.

But the hackers do not appear so far to have been well rewarded: only about $50,000 has been transferred to their online wallets so far, according to Elliptic Labs which tracks transactions using the internet currency bitcoin.

The threat was "escalating" as cyber experts warned that another attack was imminent in coming days, he said.

Brad Smith, Microsoft's president and chief legal officer, said in a blog post Sunday that it was in fact the NSA that developed the code being used in the attack.

In light of recent events, Microsoft states that this ransomware attack should be taken as a wake-up call, all the while criticizing the world governments for failing to provide information on these vulnerabilities.

The attack is unique, according to Europol, because it combines ransomware with a worm function, meaning once one machine is infected, the entire internal network is scanned and other vulnerable machines are infected.

Industrial conglomerate Hitachi Ltd. said the attack had affected its systems at some point over the weekend, leaving them unable to receive and send e-mails or open attachments in some cases.

Europol's Wainwright said few banks in Europe had been affected, having learned through the "painful experience of being the number one target of cyber crime" the value of having the latest cyber security in place. That's wrong, says Smith.He argued there should be "a new requirement for governments to report vulnerabilities to vendors, rather than stockpile, sell, or exploit them."He said tech companies, customers and the government need to "work together" to protect against attacks."More action is needed, and it's needed now", he said". "We are implementing remediation steps as quickly as possible".

Friday's ransomware attack hit over 125,000 computer systems, with 48 National Health Service (NHS) trusts having to cancel appointment and operations.