Recently several companies in spain, hospitals in Britain and 11 countries have confirmed cyberattack to their systems. And according to the National Service of Britain, patient information does not appear to have been stolen or compromised.
Cyber security experts warned that the full impact of the audacious cyberattack that crippled 200,000 computers in more than 150 countries and this attacks might be truly felt new workweek as workers return to their offices and turn back on their computers.
The name of this attacks is “ransomware” attack. According to cybersecurity experts, the spread of this attack against computer systems around the world affected the United States much less than other nations, because a British cybersecurity researcher accidentlly stopped the attack from spreading more widely.
Hackers appeared to have exploited a flaw in Microsoft’s Windows operating system. And this system was first discovered by United States National Security Agency. A tool and the flow to exploit it with malicious software were made public in April by a hacker collective known as Shadow Brokers.
What is Ransomware?
In this typical cyberattack, basically hackers send their victims an email that includes a link to what appears to be for an innocuous web address or email attachment. And in this case hackers appear to have sent their victims encrypted. Zip file attachments intended to make it more difficult to detect their nefarious purpose. And when victims who click on that attachment soon find their computers infected. The program encrypts folders, file and drives on the computer and also the entire networks to which they are connected. The messages that all victims receive include directions for paying the attackers a ransom. Payment is typically demanded in bitcoin.
Main Story of this Attack
For this cyberattack, Cyber Experts said that before the deadline ran out to unlock the machines, the attackers may pocket more than $1 billion from individuals worldwide. In this attack different companies and government agencies were affected like FedEx, Britain’s National Health Service and the Russian Interior Ministry.
And in Asia there were widespread reports of attacks at universities, with students locked out of their theses and final papers as graduation loomed. Nearly in 100 countries, overall more than 45,000 attacks were recorded. According to the Russian cyber security firm Kaspersky Lab, Russia was the worst hit followed by Ukraine, Indian and Taiwan. After the attack Microsoft issued a new patch for its Windows software.
At least 45 British hospitals and other medical facilities seemed to be hit hardest by the attacks. Prime Minister Theresa May said there was no evidence that patient data had been stolen. On Saturday, British authorities said that 48 of Britain’s 248 public health trusts, or about 20 percent, had been assailed in the attack. All but six are back to normal. The Russian Interior Ministry confirmed in a statement that 1,000 of its computers had also been hit.
What We Don’t Know
Who is behind the attack
It is not clear who the Shadow Broker hackers are. And initially an insider at the N.S.A or the C.I.A was suspected of having leaked the agency’s hacking tools. But the fact is that the hacking continued after an N.S.A contractor was arrested. Security experts have said that this Shadow Broker dumps occurred after the United States bombed Syria. Hackers cited the bombing as part of the impetus for their latest leak.
If anyone has paid the ransom
Security experts said that who had already fallen victim to ransomware may have little recourse. And senior director at Crypsis Group Mr. Jason Rebholz, said that victims cold try to search the web for a decryption service, but chances are that in a sophisticated attack like this one, cybercriminals had already taken steps to immunize their encryption from such services.
If anyone was harmed
In Britain Emergency rooms, doctors’ office and ambulances were disrupted and communications were affected in other countries.