Ransomware: Which businesses are most affected and why?


News of the attack first hit on Friday when NHS staffers reported they were unable to access their IT systems and posted pictures online of computer screens showing a ransomware message.

The fear is that more computers will become infected around the world when business users start up their computers after the weekend.

Over the weekend, Qihoo reported that the ransomeware attack infected almost 30,000 groups by Saturday night.

"This just highlights the importance of patching up immediately", said Bei-Tseng "Bill" Chu, who teaches in UNC Charlotte's Department of Software and Information Systems.

Cyber attack: A total of 12 Scottish health boards were affected (file pic). "This is one reason we called in February for a new "Digital Geneva Convention" to govern these issues, including a new requirement for governments to report vulnerabilities to vendors, rather than stockpile, sell, or exploit them".

Brad Smith, Microsoft's president and chief legal officer, said the code used in the attack was originally developed by the US National Security Agency.

The cyber-attack was described by experts as ransomware. And the software is already inspiring imitators, as the Bleeping Computer site reports.

Following the spread of the virus globally, Microsoft has since issued an "highly unusual" emergency update.

"You have Personal ID info, like social security numbers or home addresses or bank acct info, then you have protected health info, which is HIPAA data, and then you've got cardholder data", he said. James Lewis, a cybersecurity specialist with the Centre for Strategic and International Studies, said he believes the exposure of the flaw likely "leads back to Moscow" - but that the hackers who designed the malware are probably not Russian.

"The government's response has been chaotic, to be frank", Labour's health spokesman Jon Ashworth said. "One of the country's largest oil companies, PetroChina, reported the attack had disrupted its electronic payment systems at its gas stations over the weekend".

"Repeatedly, exploits in the hands of governments have leaked into the public domain and caused widespread damage", Smith wrote.

A parish council in Cornwall is revealed as one of the organisations hit by the worldwide cyber attack that caused major disruption to the NHS. But neither the federal government nor United States corporations assume that this will continue to be the case. His law firm sued LinkedIn after a 2012 data breach, alleging individuals paid for premium accounts because the company falsely stated it had top-quality cyber security measures. Upon analysis, it emerged the worm was exploiting a leaked vulnerability previously used by U.S. intelligence. By afternoon on the US East Coast, new infections had fallen to the low hundreds of machines and continue to decline, Avast said.

When the National Security Agency lost control of the software behind the WannaCry cyberattack, it was like "the US military having some of its Tomahawk missiles stolen", Microsoft President Brad Smith says, in a message about the malicious software that has created havoc on computer networks in more than 150 countries since Friday.

"We haven't seen a second spike in #WannaCry #ransomware attacks, but that doesn't mean there won't be one", the NCA, said on Twitter. Copycat variants of the malware could also contribute another wave of attacks this week after a 22-year-old British researcher that goes by the name "MalwareTech" stumbled on a "kill switch" that slowed the spread of the initial virus.

This is likely based on the fact that most security experts are advising that those hit not pay. But because Microsoft only supports - patches, in other words - newer editions of its operating system, the 16-year-old Windows XP and the 5-year-old Windows 8 were not bolstered with the same fix. The attack did not target Windows 10. This will make it much easier to spot potentially malicious files. The Microsoft patch will help, but installing it across large organisations will take time.

The researcher, tweeting as @MalwareTechBlog, said registering a domain name used by the malware stops it from spreading, though it can not help computers already affected.