The New York Times | By: Dan Bilefsky and Nicole Perlroth | May 12, 2017:
LONDON — Hackers using a tool stolen from the United States government conducted extensive cyberattacks on Friday that hit dozens of countries around the world, severely disrupting Britain’s public health system and wreaking havoc on computers elsewhere, including Russia.
Hospitals in Britain appeared to be the most severely affected by the attacks, which aimed to blackmail computer users by seizing their data. The attacks blocked doctors’ access to patient files and forced emergency rooms to divert people seeking urgent care.
Kaspersky Lab, a Russian cybersecurity firm, said it had recorded at least 45,000 attacks in as many as 74 countries.
It was not immediately clear who was behind the attacks, but the acts deeply alarmed cybersecurity experts and underscored the enormous vulnerabilities faced by disjointed networks of computer systems around the world.
“When people ask what keeps you up at night, it’s this,” said Chris Camacho, the chief strategy officer at Flashpoint, a New York security firm tracking the attacks.
The hacking tool was ransomware, a kind of malware that encrypts data, locks out the user and demands a ransom to release it. Security experts say the tool exploited a vulnerability that was discovered and developed by the National Security Agency of the United States.
The tool was leaked by a group calling itself the Shadow Brokers, which has been dumping stolen N.S.A. hacking tools online since last year. Microsoft rolled out a patch for the vulnerability in March, but hackers apparently took advantage of the fact that vulnerable targets — particularly hospitals — had yet to update their systems.
The malware was circulated by email. Targets were sent an encrypted, compressed file that, once loaded, allowed the ransomware to infiltrate its targets.
To read full article – please click here.
