The Federal Government has warned that even more Australians might find out that they’re included in the list of victims of the worldwide cyber attack. The list consists of over 200,000 victims in 150 countries around the world, and all of this happened only during the weekend.
It’s even expected that the number of victims will grow today after people go to work and turn on their computers. Dan Tehan, the Assistant Minister for cyber security has stated that only one of Australian companies seems to be targeted so far. He also mentioned that reports of several more possible attacks are coming in and that the ‘symptoms’ are the same as those experienced overseas.
Tehan also said that the attacks were performed by small or medium-sized businesses within the private sector. He said that this is absolutely a wake-up call, and that ransomware attacks cost Australia around $1 billion per year.
This ransomware has made quite a number of problems for the rest of the world as well, starting with Britain, whose healthcare system was simply thrown into chaos this weekend. The UK Government has stated that 97% of the hospitals held for ransom were back to normal since Sunday. Still, there’s a general fear that the attack is not over, and that the number of victims will only continue to grow.
Rob Wainwright, the Europol director, has said that “The global reach is unprecedented. The latest count is over 200,000 victims in at least 150 countries, and those victims, many of those will be businesses, including large corporations. At the moment, we are in the face of an escalating threat. The numbers are going up, I am worried about how the numbers will continue to grow when people go to work and turn [on] their machines on Monday morning.”
Attackers used ransomware, which is a type of software that locks down the documents and files on a computer and won’t release them until the ransom is paid. These attacks combined ransom with a worm functionality, which makes it quite unique, according to the experts. It’s even expected that new versions of the worm will appear.
It’s also expected that the number of victims, big as it is, still remains small because of the fact that the attack was carried out on weekend. However now, when the new week has started, computers are being turned on, and even more, systems are expected to fall victim to this attack.
Jan Op Gen Oorth, a spokesperson for Europol, has stated that it’s still too early to say who the attacker is, or what is their goal or motivation. The biggest challenge was the speed of the malware, but it would appear that not many people have paid the ransom for now. Security experts have warned against paying for data return, and many others have agreed that it’s not ethical.
This is officially the biggest online extortion attack ever recorded. Still, it’s expected that much worse things will come if some major fixes aren’t made. The lucky discovery of a kill switch has also helped with taking a small bit of control over the situation.
The kill switch was discovered by a 22-year-old researcher that identifies online as MalwareTech and has partnered with a research engineer named Darien Huss. Together, they registered a domain name to which the attacks were redirected, which then activated the kill switch.
This method created a so-called ‘sinkhole’ and halted the spreading of ransomware. However, if the original hacker changed the code, disabled the killswitch, or used a different domain for stopping the attack, it’s expected that the infection would continue. Still, this has created a lucky break and has given the time needed to install a patch against the attack. So far, the attack has disrupted banks, factories, transport systems, government agencies, and not just in one country, but around the world.
Experts claim that attacks this big aren’t that easy to pull off and that this one has probably only worked because of the right conditions. Those include a very dangerous security hole in Microsoft Windows, as well as carefree users that failed to download the patch and fix the issue. Also, the malware itself was made so that it would spread very quickly once it breaches the biggest defenses.