WannaCry Ransomware Cyberattacks Slow
RFE/RL May 15, 2017
Managers and employees at government offices, organizations, and businesses returned to work warily on May 15 amid fears that a massive cyberattack could worsen after the weekend, but computer infections appear to have slowed.
The WannaCry "ransomware" attack, which began on May 12, disrupted hospitals, banks, shops, schools, and government agencies in more than 150 countries, attacking through vulnerabilities in older versions of Microsoft computer operating systems.
Among the big victims were the U.S. package delivery company FedEx, car production facilities in Europe, the Spanish telecom firm Telefonica, Britain's National Health Service, and Germany's rail network.
"The number of victims appears not to have gone up and so far the situation seems stable in Europe, which is a success," Jan Op Gen Oorth, senior spokesman for Europe's police agency Europol told the AFP news agency.
"It seems that a lot of Internet security guys over the weekend did their homework and ran the security software updates," he added.
"We haven't seen a second spike in #WannaCry #ransomware attacks, but that doesn't mean there won't be one," Britain's National Crime Agency said on Twitter.
Companies have been warning employees to be careful when clicking on attachments and links in their e-mails.
But Michael Gazeley of the Hong Kong-based cybersecurity firm Network Box told the Reuters news agency that there are still "many 'landmines' waiting in people's in-boxes" in Asia, with most of the attacks having arrived via e-mail.
Tom Bossert, the Homeland Security Adviser under U.S. President Donald Trump, told ABC television that the cyberattack was for now "under control" in the United States.
The attackers told computer users to pay $300 to $600 in the anonymous bitcoin currency to retrieve files that the virus had decrypted, blocking owners from getting access.
The ransomware warning said the cost would double after three days, and threatened to delete files within seven days if no payment was made.
Experts said account addresses linked to the WannaCry software code appear to show the attackers received about $32,500 in bitcoin as of 11 a.m. GMT on May 14. That figure is expected to rise, although many experts and government agencies urge victims not to give into the demands.
During a visit to China, Russian President Vladimir Putin insisted that his country was not behind the attack, and pointed the finger at the United States.
"Russia has absolutely nothing to do with it," Putin said.
"As for the source of these threats, Microsoft's leadership stated this directly: they said the source of the virus was the special services of the United States."
He was referring to a weekend blog post by Microsoft president, Brad Smith, stating that the U.S. National Security Agency had developed the code being used in the attack.
It was leaked as part of a document dump, according to researchers.
"Once they're let out of the bottle, genies of this kind, especially those created by intelligence services, can later do damage to their authors and creators," Putin said.
Putin insisted that his country was not behind the attack.
The United States has accused Russia in the past of mounting several cyberattacks.
Russia's Interior Ministry earlier said some of its computers had been hit, and authorities said the country's banking system and railway system were also attacked but that no major problems were detected.
With reporting by Reuters, AP, AFP, and the BBC
Copyright (c) 2017. RFE/RL, Inc. Reprinted with the permission of Radio Free Europe/Radio Liberty, 1201 Connecticut Ave., N.W. Washington DC 20036.