A window announcing the encryption of data, including a requirement to pay, appears on an electronic timetable display at the railway station in Chemnitz, eastern Germany, May 12, 2017. (Photo by AFP)
Governments and businesses worldwide have been jittery over the weekend as they brace to start the new work week under the threat of a recent global cyber attack.
In the Far East, Chinese state media on Monday quoted national cyberspace authorities as saying the global ransomware computer virus was still spreading in the country.
“Hundreds of thousands” of Chinese computers at nearly 30,000 institutions, including government agencies, have been hit by the malware, a leading Chinese security-software provider has said.
Japan’s Nissan Motor Company confirmed on Monday that some of its units had been targeted, and the Japan Computer Emergency Response Team Coordination Center said 2,000 computers at 600 companies had been affected by the ransomware.
The indiscriminate ransomware attack began on Friday and struck banks, hospitals, and government agencies, exploiting known vulnerabilities in older Microsoft computer operating systems.
The attack, known as “WannaCry,” paralyzed computers that run Britain’s hospital network, Germany’s national railway, and other companies and government agencies worldwide.
Experts say the attack may be the largest online extortion scheme ever launched.
The software used in the attack has been traced to the US National Security Agency (NSA). The NSA claims the software used in the attacks has been stolen from it.
The NSA’s spying and foreign cyber activities were revealed in June 2013 by former US intelligence contractor and whistle-blower Edward Snowden. He leaked the classified information and then left the United States.
How the extortion scheme works
When the ransomware virus infects a computer system, data on that system get encrypted, and images appear on monitors demanding a payment of $300 in the almost untraceable virtual currency Bitcoin.
The payment must be made within three days, otherwise the price would be doubled; and if none is received within seven days, the locked files will be deleted, according to the screen messages.
Authorities have told victims not to pay the ransom money. However, media reported about $38,000 had been paid by Monday morning.
More than 200,000 computers in 150 countries have been affected.
‘Update your systems’
Microsoft president and chief legal officer Brad Smith said on Sunday that the places affected by the virus had failed to keep their systems up to date, allowing it to spread.
“As cybercriminals become more sophisticated, there is simply no way for customers to protect themselves against threats unless they update their systems,” Smith said.
The company said it had released a Windows security update in March to tackle the virus involved in the latest attack, but many users had not run it.
Smith called the attack a “wake-up call” and blamed the government for the secret “stockpiling of vulnerabilities.”
“We have seen vulnerabilities stored by the CIA show up on WikiLeaks, and now this vulnerability stolen from the NSA has affected customers around the world,” he said, referring to a website that leaks purported government data.