A Brief Colonial History Of Ceylon(SriLanka)
Sri Lanka: One Island Two Nations
A Brief Colonial History Of Ceylon(SriLanka)
Sri Lanka: One Island Two Nations
(Full Story)
Search This Blog
Back to 500BC.
==========================
Thiranjala Weerasinghe sj.- One Island Two Nations
?????????????????????????????????????????????????Saturday, May 13, 2017
Massive ransomware cyber-attack hits 74 countries around the world
More
than 45,000 attacks recorded in countries including the UK, Russia,
India and China may have originated with theft of ‘cyber weapons’ from
the NSA
A
ransomware cyber-attack that may have originated from the theft of
“cyber weapons” linked to the US government has hobbled hospitals in
England and spread to countries across the world.
Security researchers with Kasperksy Lab have
recorded more than 45,000 attacks in 74 countries, including the UK,
Russia, Ukraine, India, China, Italy, and Egypt. In Spain, major
companies including telecommunications firm Telefonica were infected.
By Friday evening, the ransomware had spread to the United States and
South America, though Europe and Russia remained the hardest hit,
according to security researchers Malware Hunter Team. The Russian
interior ministry says about 1,000 computers have been affected.
Markus Jakobsson, chief scientist with security firm Agari, said that the attack was “scattershot” rather than targeted.
“It’s a very broad spread,” Jakobsson said, noting that the ransom demand is “relatively small”.
“This is not an attack that was meant for large institutions. It was meant for anyone who got it.”
The malware was made available online on 14 April through a dump by a group called Shadow Brokers, which claimed last year to
have stolen a cache of “cyber weapons” from the National Security
Agency (NSA). At the time, there was skepticism about whether the group
was exaggerating the scale of its hack.
On Twitter, whistleblower Edward Snowden blamed the NSA.
“If @NSAGov had
privately disclosed the flaw used to attack hospitals when they *found*
it, not when they lost it, this may not have happened,” he said.
“It’s very easy for someone to say that, but the reality is the US
government isn’t the only one that has a stockpile of exploits they are
leveraging to protect the nation,” said Jay Kaplan, CEO of Synack, who
formerly worked at the NSA.
“It’s this constant tug of war. Do you let intelligence agencies
continue to take advantage of vulnerabilities to fight terrorists or do
you give it to the vendors and fix them?”
The NSA is among many government agencies around the world to collect
cyber weapons and vulnerabilities in popular operating systems and
software so they can use them to carry out intelligence gathering or
engage in cyberwarfare. The agency did not immediately respond to a
request for comment.
Ransomware is a type of malware that encrypts a user’s data, then
demands payment in exchange for unlocking the data. This attack was
caused by a bug called “WanaCrypt0r 2.0” or WannaCry,
that exploits a vulnerability in Windows. Microsoft released a patch (a
software update that fixes the problem) for the flaw in March, but
computers that have not installed the security update remain vulnerable.
“This was eminently predictable in lots of ways,” said Ryan Kalember
from cybersecurity firm Proofpoint. “As soon as the Shadow Brokers dump
came out everyone [in the security industry] realized that a lot of
people wouldn’t be able to install a patch, especially if they used an
operating system like Windows XP [which many NHS computers still use],
for which there is no patch.”
The ransomware demands users pay $300 worth of cryptocurrency Bitcoin to
retrieve their files, though it warns that the “payment will be raised”
after a certain amount of time. Translations of the ransom message in
28 languages are included. The malware spreads through email.
“Attacks with language support show a progressive increase of the threat level,” Jakobsson said.
The attack hit England’s National Health Service (NHS) on Friday,
locking staff out of their computers and forcing some hospitals to
divert patients.
“The attack against the NHS demonstrates that cyber-attacks can quite
literally have life and death consequences,” said Mike Viscuso, chief
techology officer of security firm Carbon Black. “When patients’ lives
are at stake, there is no time for finger pointing but this attack
serves as an additional clarion call that healthcare organizations must
make cybersecurity a priority, lest they encounter a scenario where
lives are risked.”
Ransomware attacks are on the rise. Security company SonicWall, which
studies cyberthreats, saw ransomware attacks rise 167 times in 2016
compared to 2015.
“Ransomware attacks everyone, but industry verticals that rely on legacy
systems are especially vulnerable,” said Dmitriy Ayrapetov, executive
director at SonicWall.
A Los Angeles hospital paid $17,000 in bitcoin to ransomware hackers last year, after a cyber-attack locked doctors and nurses out of their computer system for days.
Jakobsson said that the concentration of the attack in Russia suggested
that the attack originated in Russia. Since the malware spreads by
email, the level of penetration in Russia could be a sign that the
criminals had access to a large database of Russian email addresses.
However, Jakobsson warned that the origin of the attack remains unconfirmed.