A large-scale cyber attack hit dozens of countries around the world on Friday 12 May. Using random software, hackers apparently exploited a flaw in Windows systems, leaked into pirated documents from the US security agency NSA. “Today we have witnessed a series of cyber attacks against thousands of organizations and individuals in dozens of countries,”
the British Cybersecurity Agency (NCSC) said in a statement. Its security software and its antivirus. “We have received multiple reports of infection by ransom software,” the US Department of Homeland Security said in a statement. “Individuals and organizations are encouraged not to pay the ransom, As this does not guarantee that access to the data will be restored. “
This wave of “worldwide” computer attacks is a source of concern for security experts. The software locks users’ files and forces them to pay a sum of money in the form of bitcoins to recover its use: it is called the “rannongiciel”. “We have detected more than 75,000 attacks in 99 countries,” said Jakub Kroustek of Avast IT security firm Avast. Force point Security Labs, another IT security company, evokes “a major campaign to spread infected e-mails,” with some 5 million emails sent every hour spreading the malware called WCry, WannaCry, WanaCrypt0r, WannaCrypt or Wana Decrypt0r.
Renault confirms cyber attack
Organizations in Spain, Australia, Belgium, France, Germany, Italy, and Mexico have also been hit by analysts. The manufacturer Renault has been a victim. “We were touched,” a spokesman for the group told Agence France-Presse, adding that the manufacturer was analyzing the situation. “An action has been in place since last night. We are doing what is necessary to counter this attack, “she said. It is the first French institution to admit to being affected by these attacks.
In the United States, the FedEx package giant has also admitted to being infected. The Russian Ministry of the Interior also announced that it was hit by a computer virus on Friday, although it was not specified whether it was the same attack. These attacks included the British public health service (NHS), blocking the computers of many hospitals in the country. “At this point, we do not have any evidence to suggest that there was access to patient data,” reassured the management of the British public health service. The attack however seriously disrupted dozens of hospitals, forced to cancel certain medical procedures and to send ambulances to other establishments.
British public health service hit
Images were shared on social networks with NHS computer screens requesting payment of 300 dollars in bitcoins with the mention: “Oops, your files were encrypted. “The payment must occur within three days or the price doubles, and if the money is not paid within seven days the pirated files will be erased, the message says. Microsoft released a security patch a few months ago to fix this vulnerability, but many systems have not yet been updated. According to Kaspersky, the malware was published in April by the hacker group “Shadow Brokers”, which claims to have discovered the flaw by the NSA. “This ransom software can spread without anyone opening an e-mail or clicking on a link. Unlike normal viruses,
A cyber security researcher told Agence France-Presse to find a parade to slow down the spread of the virus. Tweeting from @Malwaretechblog, he explained that “generally malicious software is connected to a domain name that is not registered. By simply registering this domain name, we can stop its spread, “he said. The researcher nevertheless insisted on the importance of an immediate updating of computer systems because, according to him, “the crisis is not over, they can still change the code and try again, He warned. “If the NSA had privately discussed this flaw used to attack hospitals when they found it, rather than when it was stolen from them, it could have been avoided,