Ransomware attacks reported worldwide

Friday, May 12, 2017

A wave of ransomware attacks has infected as many as 74 countries worldwide and hit companies including Spain's Telefónica, according to news reports.

According to the reports, thousands of computers were locked by the program, called WannaCry, which demands payment in Bitcoins as a decryption fee to free up all information on the computer.

Start your 15 day free trial now!


Already a subscriber? Please, login

Costin Raiu, global researcher at Russian cyber security firm Kaspersky Labs tweeted that the company had detected 45,000 attacks in 74 countries – and the number is growing.

Incidents have been reported in the UK, affecting the National Health Service (NHS), as well as Portugal Telecom and FedEx.

In a statement, Telefónica said the company had detected a cyber security incident affecting the PCs of some employees of its internal corporate network and that it had "activated security protocols for this type of incident." Telefónica's Brazilian operations issued a similar release saying that it had not been affected, but was also taking security precautions.

Chema Alonso, chief data officer at Telefónica, tweeted that news of the attack on Telefónica had been "exaggerated" by the media.

Spain's national cryptology center CN-CERT published on its website a document saying the attack affects Windows operating systems and could potentially affect a whole corporate network that has not applied necessary updates.

The organization recommended users not to pay, saying that payment does not guarantee data files will be restored, and paying would also reward those waging the campaign.

A patch for the vulnerability was released by Microsoft on March 14 but many systems did not install the update.

Some experts have linked the infections to vulnerabilities released by a group known as The Shadow Brokers, which recently claimed to have dumped hacking tools stolen from the US National Security Agency (NSA).

In its recent Latin American Security report 2017, Slovakian cyber security firm Eset said that ransomware had become one of the fastest growing cyber security threats in Latin America, with the number of reported cases soaring by 131% in 2016.

Camilo Gutierrez, head of Eset's Latin America research lab, told BNamericas that many companies, especially SMEs are still not backing up critical information, which is critical when there is a ransomware attack.

Regarding the latest attack, Gutierrez said there was still little official information regarding the attack but he noted that attackers tend to target the most popular operating systems namely Windows and Android.

"We'll have to wait for some more information from Telefóníca or others to find out how it spread."