Scores of countries hit by cyber attack using stolen NSA tools

Team Udayavani, May 13, 2017, 9:31 AM IST

Seattle (USA): Scores of countries and several multinational companies were hit by a massive cyber attack which experts said was carried out with the help of tools stolen from the National Security Agency of the United States.

The cyber attack was first reported from Sweden, Britain and France, but countries like Russia and Taiwan are said to be worst hit, US media outlets reported.

US Computer Emergency Readiness Team (USCRT) under the Department of Homeland Security said it has received multiple reports of WannaCry ransomware infections in many countries around the world.

It however, did not identify the countries.

Ransomware is a type of malicious software that infects a computer and restricts users’ access to it until a ransom is paid to unlock it.

Individuals and organisations are discouraged from paying the ransom, as this does not guarantee access will be restored, USCERT said.

According to it, ransomware spreads easily when it encounters unpatched or outdated software.

“The WannaCry ransomware may be exploiting a vulnerability in Server Message Block 1.0 (SMBv1),” the team said.

A Microsoft spokeswoman said that the company was aware of the reports and was looking into the situation.

According to The Wall Street Journal, the malware believed to be behind the attacks encrypts data on infected computers and essentially holds it for ransom.

“Known as WannaCry or Wanna Decryptor, the so-called ransomware program homes in on vulnerabilities in Microsoft Windows systems,” the daily said.

In a statement, Avast Threat Lab said it has observed a massive peak in WanaCrypt0r 2.0 attacks, with more than 36,000 detections, so far.

In a statement, FedEx said it has been badly hit by the cyber attack.

“Like many other companies, FedEx is experiencing interference with some of our Windows-based systems caused by malware.

We are implementing remediation steps as quickly as possible,” it said.

“This event should serve as a globalwake-upcall — the means of delivery and the delivered effect is unprecedented,” Rich Barger, the director of threat research at security firm Splunk, said in a separate statement.