A ransomware attack believed to use WannaCry malware is sweeping across the world as reports pour in from dozens of countries. What began with an attack on users of Spain’s largest telecom service then spread to the UK, where at least 16 National Health Services centers had their files “frozen,” with the attackers demanding money to decrypt the frozen files.
The attackers have apparently given their victims three days to pay $300 in bitcoin cryptocurrency, after which the amount doubles. In seven days, the attackers say all encrypted files will be wiped out.
The WCry, WannaCry, or Wana Decryptor, as it is called, is currently being tracked in a huge number of instances across China, Russia, India and even within the United States. The U.S. Department of Health and Human Services has issued a statement to the effect that it is trying to figure out how America’s medical systems can be protected from this malware attack.
In the UK, NHS Digital is working with the National Cyber Security Centre, NHS England and the Department of Health to ensure patient privacy is maintained.
The Wana Decryptor ransomware is targeting Windows machines that haven’t been updated with the patch that Microsoft released against the flaw, as outlined in its March Security Bulletin MS17-010. Interestingly, the malware is reported to have been stolen or leaked from the National Security Agency.
What’s really alarming is that this family of malware has relatively dormant until now, when it seems to be sweeping across the world in a matter of hours. Users don’t even need to be at their machines for the attack to be successful. All it requires is for the computer to be connected to a network.
Security agencies around the world, along with various health service providers, are now scrambling to find a solution to this ransomware problem, while treating patients without having access to their records. It’s a life-threatening situation that requires immediate remediation, but where that mitigative solution will come from is anybody’s guess.