A global cybersecurity attack (often involving WannaCry ransomware) today crippled healthcare systems in the United Kingdom and put security operations centers (SOCs) on alert in numerous countries. Here are 10 facts to know.
1. Attack Reach: More than 45,000 attacks across more than 100 countries, according to Kaspersky Lab. Also, Avast saw 57,000 infections in 99 countries -- including major hits in Russia, Ukraine and Taiwan, Reuters said.
2. Major Victims: FedEx, Britain’s National Health Service and the Russian Interior Ministry, according to multiple reports.
3. U.S. Relatively Unscathed: Only a small number of U.S.-headquartered organizations were hit because the hackers appear to have begun the campaign by targeting organizations in Europe, Symantec told Reuters. Consulting firms in the US, such as Compliancy Group, have reached out to VARs and MSPs to put them on alert about the attacks.
4. The Security Hole: Hackers apparently exploited a Microsoft Windows flaw that was discovered earlier by the National Security Agency, The New York Times said.
5. Ransomware Involved: It was a variant of WannaCry.
6. The Microsoft Fix: Microsoft added detection and protection against Ransom:Win32.WannaCrypt, the company said today.
7. Payment Demands: The ransomware encrypted data on the computers, demanding payments of $300 to $600 to restore access, Reuters reported.
8. Preventable Attack: If everyone just kept their boxes up to date we wouldn’t have the current viral conflagration, of course, but as usual that’s too much to ask, TechCrunch asserted.
9. Curious Timing: The attacks arrived one day after President Trump signed a cybersecurity order that strives to lock down government systems.
10. The Hackers: So far, their names are not known.