Huge Cyber Attack Reaches 99 Countries, Spread Slows

Print Email

The massive cyber attack that has taken down almost the entire hospital system in the United Kingdom and affected businesses like FedEx that have large global systems, has spread to 99 countries, according to a company that has tracked the extent of the damage. The so-called ransomware also has been detected in 75,000 places.

Avast, which provides free antivirus software, reported that as of 12:15 Pacific time yesterday, “We are now seeing more 75,000 detections of WanaCrypt0r 2.0, in 99 countries.” WanaCrypt0r 2.0 is the name given to the ransomware.

The virus was first detected several months ago:

We saw the first version of WanaCrypt0r in February and now the ransomware is available in 28 different languages, from languages like Bulgarian to Vietnamese.

The New York Times described the current state of the problem:

Governments, companies and security experts from China to the United Kingdom on Saturday raced to contain the fallout from an audacious cyberattack that spread quickly across the globe, raising fears that people would not be able to meet ransom demands before their data are destroyed.

The global efforts come less than a day after malicious software, transmitted via email and stolen from the National Security Agency, exposed vulnerabilities in computer systems in almost 100 countries in one of the largest “ransomware” attacks on record.

These sorts of attacks have become increasingly frequent and often are aimed at government agencies, large corporations and financial firms. Antivirus software has not been able to build defenses that can keep up with the pace at which hackers create new attacks. So far that has meant the pace of the attacks has quickened and their size has grown.

Reuters reports the spread of WanaCrypt0r 2.0 has slowed because of specific steps taken to block its spread:

Some experts said the threat had receded for now, in part because a British-based researcher, who declined to give his name, registered a domain that he noticed the malware was trying to connect to, limiting the worm’s spread.

“We are on a downward slope, the infections are extremely few, because the malware is not able to connect to the registered domain,” said Vikram Thakur, principal research manager at Symantec.

“The numbers are extremely low and coming down fast.”

However, the news agency indicates that the ransomware could be modified enough for it to return in force.