It comes as the former U.S. national intelligence director said the global "ransomware" attack could grow much larger when people return to work. Victims ranged from British hospitals that had to send scheduled surgery patients home to electronic billboards in Thailand and the Russian Foreign Ministry. While there's been limited public declaration (expect many are keeping quiet) that Australian users have been impacted on a large scale, it does speak to the lack of updating that's happening to connected systems. This particular program, called WannaCry, asks for about $300, though the price increases over time.
On Friday a number of agencies and businesses around the globe, including the U.K.'s National Health Service, were disrupted by the malware, which is estimated to have hit over 100,000 organizations in 150 countries, Rob Wainwright, executive director of Europol, the European law enforcement agency, told ITV. Patched computers carry a much lower risk of being infected by malware or ransomware than those without an update.
The relatively new group now has the unenviable task of cleaning up the NSA's mess, and protecting systems in the USA from further attacks. They, too, should regularly update with software patches as they're issued. The healthcare system remains unusually-reliant on technology running Windows XP, an old operating system that is more vulnerable to attack than modern alternatives.
Security experts say the unprecedented ransomeware attack that on Friday locked up computers across the globe including United Kingdom hospital, FedEx, train systems in Germany among other institutions in exchange for payment, could cause even more trouble as the work week begins. The tool is called WCRYSLAP and can be found here.
Now, art least some of the affected users may be getting some help. The ransomware, which spread using an exploit on SMB protocol, encrypted nearly all the files available on the infected devices.
"This attack provides yet another example of why the stockpiling of vulnerabilities by governments is such a problem", said Smith. Install all Windows updates. 5. Short of paying, options for these individuals and companies are usually limited to recovering data files from a backup, if available, or living without them. Other researchers, including Kevin Beaumont, are also telling us they haven't yet seen a variant of WannaCrypt without a kill switch. "If you need that data back, you're going to pay".
Finally, always stay alert. You can type "Windows Update" into the Start menu, open the Windows Updater, and check your update status there.
CERT-In has been on an overdrive advising critical infrastructure agencies including banks, airports, telecom networks and stock markets to take precautions against the ransomware attack by downloading software "patches".
Heather Kelly contributed reporting.