Authorities Seek Clues On Culprits Behind Global Cyberattack
May 15, 2017
The British government said on Saturday it does not yet know who
was behind a massive global cyberattack that disrupted Britain's
health care services and targeted vital computer systems in as
many as 100 other countries.
British Interior Minister Amber Rudd said Britain's National
Cyber Security Center was working with the country's health
service to ensure the attack that began Friday was contained and
She said Britainís National Crime Agency was still working with
her ministry to find out where the attacks came from and that
the British government did not know if the attacks had been
directed by a foreign government.
What appeared to be the biggest cyberextortion attack in history
exploited a vulnerability in Microsoft Windows that was
identified in leaked documents by the U.S. National Security
Agency earlier this year.
With more than 75,000 attacks launched on Friday, cybercrime
experts around the world were investigating a concentration of
attacks in Russia, Ukraine, and India -- countries where the use
of older, unpatched versions of Microsoft Windows is widespread.
The hackers attempt to trick victims into opening malicious
attachments to spam e-mails by saying they contained invoices,
job offers, security warnings, and other seemingly legitimate
The extortionists demand payments of $300 to $600 to restore
access once computers are crippled by the scam. Cybersecurity
firms said criminal organizations were probably behind the
Russia's Interior Ministry, Emergencies Ministry, and biggest
bank, Sberbank, were all targeted, officials said.
The Interior Ministry said on its website that around 1,000
computers had been infected, but it had localized the virus.
Russia's Investigative Committee denied reports that it was
Russia's Health Ministry and Emergencies Ministry told Russian
news agencies that they had repelled the cyberattacks, while
Sberbank said its cybersecurity arrangements had prevented
viruses from entering its systems.
Russiaís Central Bank said Saturday that it detected massive
cyberattacks on domestic banks, but the resources of the Central
Bank itself were "not compromised."
Megafon, a top Russian mobile operator, said it had come under
attacks that appeared similar to those that crippled U.K.
hospitals. A spokesman said mobile communications weren't
affected but the attacks interrupted the work of its call
Spain and the United Kingdom were hit particularly hard.
Hospitals across Britain found themselves without access to
their computers or phone systems. Many canceled routine
procedures and asked patients not to come to the hospital unless
it was an emergency.
British Prime Minister Theresa May said that, while some
hospitals were crippled, there was no evidence patient data had
giant Telefonica telecommunications company was hit, prompting
Spanish authorities to take measures to protect critical
infrastructure in transportation, energy, telecommunications,
and financial services.
Only a small number of U.S. organizations were hit because the
hackers appear to have begun their campaign in Europe,
cybersecurity firms said.
By the time the hackers turned their attention to the United
States, spam filters had identified the new threat and flagged
the ransomware-laden emails as malicious.
The security holes exploited by the hackers were disclosed
several weeks ago by TheShadowBrokers, a mysterious group that
has published what it says are hacking tools used by the White
House security agency as part of U.S. intelligence-gathering.
Microsoft said it was pushing out automatic Windows updates to
defend clients from the virus.