Share

Cyber attacks level off after global push-back, but fears persist

London - The world's biggest ransom ware attack levelled off in Europe on Monday thanks to a push-back by cyber security officials after causing havoc in 150 countries, as Microsoft urged governments to heed the "wake-up call".

President Vladimir Putin denied Russia, which has been accused of cyber meddling in several countries around the world in recent years, had anything to do with an attack that hit hundreds of thousands of computers.

"Microsoft's leadership stated this directly, they said the source of the virus was the special services of the United States," Putin said on the sidelines of a summit in Beijing.

Putin said the incident was "worrisome" but had done "no significant damage" in Russia and called for urgent international talks on countering the hackers.

"A protection system... needs to be worked out," he said.

Brad Smith, Microsoft's president and chief legal officer, earlier said the code used in the attack was originally developed by the US National Security Agency.

He warned governments against stockpiling such code and said instead they should vulnerabilities to manufacturers - not sell, store or exploit them, lest they fall into the wrong hands.

"An equivalent scenario with conventional weapons would be the US military having some of its Tomahawk missiles stolen," Smith wrote.

Wake-up call

"The governments of the world should treat this attack as a wake up call."

But global fears eased on Monday as the number of incidents reported levelled off.

The cross-border police agency Europol said the situation was now "stable", defusing concerns that attacks that struck computers in British hospital wards, European car factories and Russian banks would spread further at the start of the working week.

"The number of victims appears not to have gone up and so far the situation seems stable in Europe, which is a success," senior spokesperson for Europol, Jan Op Gen Oorth, told AFP.

"It seems that a lot of internet security guys over the weekend did their homework and ran the security software updates," he said.

Like stealing missiles

The indiscriminate attack was unleashed on Friday, striking hundreds of thousands of computers worldwide by exploiting known vulnerabilities in older Microsoft computer operating systems.

US package delivery giant FedEx, Spanish telecoms giant Telefonica and Germany's Deutsche Bahn rail network were among those hit in the attacks, which demanded money to allow users to unblock their computers.

In China, "hundreds of thousands" of computers were affected, including petrol stations, cash machines and universities, according to Qihoo 360, one of China's largest providers of antivirus software.

French carmaker Renault said its Douai plant, one of its biggest sites in France employing 5 500 people, would be shut on Monday as systems were upgraded.

Europol executive director Rob Wainwright told Britain's ITV television on Sunday that the attack had been "unprecedented".

"We've never seen anything like this," he said.

'Ooops' message, $300 ransom 

The attack blocks computers and puts up images on victims' screens demanding payment of $300 in the virtual currency Bitcoin, saying: "Ooops, your files have been encrypted!"

Payment is demanded within three days or the price is doubled, and if none is received within seven days the locked files will be deleted, according to the screen message.

Bitcoin, the world's most-used virtual currency, allows anonymous transactions via heavily encrypted codes.

Experts and governments alike warn against ceding to the demands and Wainwright said few victims so far had been paying up.

Security firm Digital Shadows said on Sunday that transactions totalling $32, 00 had taken place through Bitcoin addresses used by the ransom ware.

The culprits used a digital code believed to have been developed by the US NSA - and subsequently leaked as part of a document dump, according to researchers at the Moscow-based computer security firm Kaspersky Lab.

A hacking group called Shadow Brokers released the malware in April, claiming to have discovered the flaw from the NSA, Kaspersky said.

The attack is unique, according to Europol, because it combines ransom ware with a worm function, meaning once one machine is infected, the entire internal network is scanned and other vulnerable machines are infected.

The attack therefore spread faster than previous, smaller-scale ransom ware attacks.

Banks, trains and automobiles 

Anti-virus experts Symantec said the majority of organisations affected were in Europe.

Europol said few banks in Europe had been affected, having learned through the "painful experience of being the number one target of cyber crime" the value of having the latest cyber security in place.

Russia said its banking system was among the victims of the attacks, along with the railway system, although it added that no problems were detected.

French carmaker Renault was forced to stop production at sites in France, Slovenia and Romania, while FedEx said it was "implementing remediation steps as quickly as possible".

A fifth of regional hospital associations in Britain's National Health Service were affected and several still had to cancel appointments on Monday, as doctors warned of delays as they cannot access medical records.


We live in a world where facts and fiction get blurred
Who we choose to trust can have a profound impact on our lives. Join thousands of devoted South Africans who look to News24 to bring them news they can trust every day. As we celebrate 25 years, become a News24 subscriber as we strive to keep you informed, inspired and empowered.
Join News24 today
heading
description
username
Show Comments ()
Voting Booth
Do you think corruption-accused National Assembly Speaker Nosiviwe Mapisa-Nqakula will survive a motion of no confidence against her?
Please select an option Oops! Something went wrong, please try again later.
Results
No, her days are numbered
42% - 394 votes
Yes, the ANC caucus will protect her
58% - 547 votes
Vote
Rand - Dollar
18.94
-0.2%
Rand - Pound
23.91
-0.1%
Rand - Euro
20.43
+0.2%
Rand - Aus dollar
12.34
+0.1%
Rand - Yen
0.13
-0.2%
Platinum
910.50
+1.5%
Palladium
1,011.50
+1.0%
Gold
2,221.35
+1.2%
Silver
24.87
+0.9%
Brent-ruolie
86.09
-0.2%
Top 40
68,346
+1.0%
All Share
74,536
+0.8%
Resource 10
57,251
+2.8%
Industrial 25
103,936
+0.6%
Financial 15
16,502
-0.1%
All JSE data delayed by at least 15 minutes Iress logo
Editorial feedback and complaints

Contact the public editor with feedback for our journalists, complaints, queries or suggestions about articles on News24.

LEARN MORE