The cyber attack that crippled systems worldwide on Friday affected around around 99 countries, including India, according to reports in the media. While cyber security firm Kaspersky Lab said that at least 45,000 computers in 74 countries were affected by the “ransomware”, another security firm Avast put the tally at 57,000 systems across 99 countries.
Meanwhile, a cyber security researcher is believed to have found a “kill switch” to stop the spread of the WannaCry ransomware for the time being. The researcher, who goes by the Twitter handle MalwareTechBlog, said the malware can be stopped from spreading by registering a domain name used by it. “Essentially they relied on a domain not being registered and by registering it, we stopped their malware spreading,” the person told AFP in a private message on Twitter.
However, computers already affected cannot avail this solution. The researcher said the perpetrators may change the code and access the data again and, hence, asked users “to update their systems ASAP”.
The cyber attack is believed to have been developed by using a leaked code from the United States National Security Agency. Researchers from various cyber security firms said the hackers, who have not yet identified themselves, made a self-spreading malware by exploiting a piece of NSA code. The code, known as “Eternal Blue”, was stolen and released on April 14 by a group called Shadow Brokers.
The US Department of Homeland Security said that it was ready to lend technical support to contain the spread of the malware, reported Reuters. Meanwhile, whistleblower Edward Snowden blamed the NSA for the breach, according to The Guardian. “If NSAGov had privately disclosed the flaw used to attack hospitals when they *found* it, not when they lost it, this may not have happened,” he tweeted.
The hackers used a technique that locks users’ files unless they pay money in bitcoins. When the systems of several hospitals across the United Kingdom went down simultaneously on Friday, a pop-up message appeared saying, “Ooops, your files have been encrypted”. This was followed with demands for money from the organisations, The Guardian reported. It added that the hackers were asking for $300 in bitcoin.
The first casualty of these global cyber attacks was the National Health Service in UK. The cyber attack led to chaos in some places, with appointments being cancelled, patients turned away and phone lines disrupted. However, NHS Digital, which runs the services’ cyber security, said they were not specifically the target of the attack.
Besides the NHS, some Spanish companies have also been affected by the attack. Telecom company Telefonica was one such firm. Later, reports poured in from Portugal, Russia, Ukraine and Taiwan. In US, the affect was the least, according to Reuters. However, the attack did manage to hit systems at US shipping firm FedEx.