International investigators hunted at last those behind unprecedented cyber _attack that affected systems in various countries. Hospitals, banks and government agencies were targetted by this attack.
The biggest _ever cyber ransom attack began from Friday strucking state agencies and major companies around the world _ From British hospitals and Russian banks to FedEx and European car factories.
According to Europol, Europe’s police agency. “The recent attack is at an unprecedented level and will require a complex international investigation to identify the culprits,”
Europol told a special task force at its European Cybercrime Centre was “specially designed to assist in such investigations and will play an important role in supporting the investigation”.
The attack using ransomware apparently exploiting a security flaw in Microsoft operating system and locking users’ files- unless they pay the attackers $300 in the virtual currency Bitcoin- was showing on screens “Ooops, your files have been encrypted.
Payment was demanded within 3 days or the price was to be doubled up and if not paid within seven days threat was to delete files , according to screen message.
Experts of the US Deptt of Homeland Security’s computer emergency response team said paying the ransom doesn’t guarantee release of the encrypted files.
“It only guarantees that the malicious actors receive the victim’s money, and in some cases, their banking information.”Also added the team.
This ransomware attacked 130,000 systems in more than 100 countries, Russia and India get hit hard, because one of the operating system more at risk Microsoft’s Windows XP was still being used there. According to Mikko Hypponen chief research officer at the Helsinki-based cyber security company F-Secure.
According to French police around the globe more than 75000 systems were victimised and inclusion was expected.
Due to culprits’ use of a digital code believed to have been developed by the US National Security Agency virus spread quickly.
Microsoft call the situation “painful” Saying that it was taking “all possible actions to protect our customers”.It also issued guidance for people to protect their systems.
According to US software firm Symantec, the majority of organisations affected were in Europe and the attack was indiscriminate.
In the US, package delivery group FedEx said it was “implementing remediation steps as quickly as possible,” whereas French carmakerRenault was forced to stop production at sites in France, Romania and Slovenia.
Accordingto interior ministry of Russia virus attack hit some of its computers and efforts were made to destroy it. Virus attacked country’s banking system, however problems were not found in railway system.
Germany’s station display panels, Greek and Italian universities were also hit.
China’s network information safety working group warned universities about the cyber-attack and the National Internet Emergency Center suggested that users update Windows security patches.
“it was trying to determine whether it is possible to decrypt data locked in the attack—with the aim of developing a decryption tool as soon as possible.” Kaspersky said.
A cyber security researcher told AFP on Saturday about accidently discovering a “kill switch ” to prevent the spread of the ransomware.
Though it can’t protect alresdy victimised system ,researcher, tweeting as @MalwareTechBlog, said registering a domain name used by the malware stops it from spreading.
“If you have anything to patch, patch it,” the researcher said in a blog post. “Now I should probably sleep.”
A hacking group namely Shadow Brokers released the malware in April claiming to have discovered the flaw from the NSA, Kaspersky said.
“Unlike most other attacks, this malware is spreading primarily by direct infection from machine to machine on local networks, rather than purely by email,” says Lance Cottrell, chief scientist at the US technology group Ntrepid.
G7 finance ministers meeting vowed in in Italy to unite against cyber crime, as it represents a growing threat to their economies and should be tackled as a priority. The danger will be discussed at the G7 leaders’ summit in the next month.
The attack disrupted In Britain, care at National Health Service facilities, by forcing ambulances to divert and hospitals to postpone operations.
Interior Minister Amber Rudd said .
“There will be lessons to learn from what appears to be the biggest criminal cyber-attack in history,”
Also added that, “But our immediate priority as a government is to disrupt the attack, restore affected services as soon as possible, and establish who was behind it so we can bring them to justice”.