The Wanna Cry ransomware attack - one of the largest ever cyber attacks - appeared to be slowing around 24 hours after it wrecked havoc and shut down tens of thousands of computer systems across 104 countries.
The slow down happened soon after 'MalwareTech', a Britain-based security researcher, accidentally discovered a 'kill switch' to halt the Wanna Cry attack. Experts, however, warned that enterprising hackers could circumvent MalwareTech's fix.Â
Over 200,000 systems around the world were affected in the Wanna Cry attack, a tracker developed by a security researcher called 'MalwareTech' showed. Czech Republic-based anti-virus provider Avast, however, gave a more conservative estimate of around 126,000 systems being affected, news agency Reuters reported.
India was among the countries worst affected by the Wanna Cry attack, data shared by Kaspersky, a Russian anti-virus company, showed. According to initial calculations performed soon after the malware struck on Friday night, around five per cent of all computers affected in the attack were in India.
Mikko Hypponen, chief research officer at a Helsinki-based cyber security company called F-Secure, told news agency AFP that the it was the biggest ransomware outbreak in history and estimated that 130,000 systems in more than 100 countries had been affected.
Hypponen added that Russia and India were hit particularly hard, largely because Microsoft's Windows XP - one of the operating systems most at risk - was still widely used in the countries.
News agency IANS reported that police computers across 18 units in Andhra Pradesh's Chittoor, Krishna, Guntur, Visakhatpatnam and Srikakulam districts were affected. However, apart from that, there was no immediate information on the extent of the ransomware's hold on Indian systems.
OFFICIAL: NO CAUSE FOR CONCERN
However, India's top cyber security official indicated there was no need for concern.
National Cyber Security Advisor Gulshan Rai, who works out of the Prime Minister's Office, said, "There are about a 100 systems attacked in India and as of now there are no more threats," according to a Times of India report published late Saturday night.
"We understand systems in Andhra Pradesh are impacted, but so far our assessment is that there isn't much impact," Rai said in another report. Rai went on to add that a better understanding of the ransomware's effect in India would only happen on Monday after offices open.
RUSSIA WORST HIT, UK NHS CLAMBERS BACK ON FEET
Russia was the worst affected with Avast telling Reuters that 60 per cent of all infected computers were located in that country. Reports from Saturday morning also indicated that hundreds of computers at the Russian interior ministry. Â
However, it was Britain where the Wanna Cry cyber attack caused the worst disruptions. The ransomware took down hospitals across the United Kingdom causing them to lose access to patient data. Hospitals and clinics were forced to turn away patients, including those suffering from serious ailments.
As of Saturday night, all but six of the 48 National Health Service trusts, some of which oversee several hospitals, were back to normal, news agency Associated Press reported. British Prime Minster Theresa May had earlier said that the NHS wasn't deliberately targeted and that computer systems at Britain's hospitals were swept up in what was an international attack.
US INTELLIGENCE CRITICISED
Wanna Cry, researchers say, uses an exploit first developed by the United States National Security Agency. The exploit called EternalBlue was first made public last month after a group of hackers called Shadow Brokers released data and hacking tools purportedly belonging to the NSA.
NSA is the US's premier signals intelligence agency that has for long been associated with both offensive as well as defensive cyber capabilities.
The attack fueled concerns that the international intelligence community, especially the US's NSA, often does not make public information about vulnerabilities in technology products so that such vulnerabilities can be used by the agencies for offensive purposes.
Former NSA contractor and ardent cyber security expert Edward Snowden said, "Despite warnings, (NSA) built dangerous attack tools that could target Western software," Snowden said. "Today we see the cost".
"If @NSAGov had privately disclosed the flaw used to attack hospitals when they *found* it, not when they lost it, this may not have happened," he also said in a series of tweets.
He also indirectly blamed the NSA for the cyber attack, saying the agency's actions had allowed low-skill criminals to launch "government-scale attacks."
"Low-sophistication attackers are often unable to independently develop exploits, lacking the skill and resources to even reverse patches", Snowden said, adding, ".@NSAGov's choices risked permitting low-skill criminals launch government-scale attacks, and then it happened. There's no waving that away".
MICROSOFT RELEASES PATCH
Microsoft on Saturday took the unusual step of releasing free software patches for older, unsupported Windows systems like the XP.
The US tech company had already developed a patch for the EternalBlue exploit and had released it as part of an optional security upgrade for Windows users a few weeks before EternalBLue's existence was made public.
However, it is likely several computers, most likely included ones affected in the Wanna Cry ransomware attack, failed to upgrade to the new patch level. Also, the patch was not offered for Windows XP, a version of the operation system that is no longer supported by Microsoft.
However, that changed on Saturday with Microsoft releasing security fixes available for free for the older Windows systems as well. Notably, a Kaspersky report from last October had warned that most ATMs in India were at risk since they used Windows XP.
(Story has been updated to add Mikko Hypponen's quotes)
(With inputs from agencies)
diambil dari: indiatoday
Banyak aplikasi windows yg dapat dijalankan di Linux dengan menggunakan WINE (Wine Is Not Emulator).....
The Wanna Cry ransomware attack - one of the largest ever cyber attacks - appeared to be slowing aro....