Friday’s massive ransomware cyberattack will probably get worse, experts warn

May 14, 2017, 3:16pm

A massive cyberattack infected some 200,000 computers in at least 150 countries Friday with ransomware — malicious software that encrypts the computer’s files and demands a payment to regain access to them. The attack was “unprecedented in scale,” Europol’s chief Rob Wainwright told the BBC.

This attack is likely the most widespread cyberattack ever, and is expected to spread on Monday when people return to work and activate their computers, cyber security experts warned.

Here’s what you need to know about the attack:

  • The software is a variant of ransomware called WannaCry. It encrypts afflicted computers’ files — displaying a message that reads, “Oops, your files have been encrypted!” — and demands a payment of about $300 in Bitcoin, an online cryptocurrency, in order to restore access.
  • The attack appears to have exploited a flaw in the Windows operating system identified by the National Security Agency last August and released publicly in a trove of files leaked last month by a hacker group called the Shadow Brokers.
  • The attack primarily targeted Russia, Ukraine, and Taiwan, but also affected the United Kingdom, Chinese universities, and major companies such as FedEx. Some hospitals in the UK were forced to cancel outpatient appointments; it’s not yet known whether anyone suffered injury or death as a result of the cyberattack.
  • Twitter user @MalwareTechBlog, a 22-year-old cybersecurity expert in the United Kingdom, helped to stop the spread of the attack by inadvertently activating the ransomware’s “kill switch” that was built into the virus by the hackers who created it. Experts believe that the 22-year-old, who is insisting on anonymity, is largely responsible for keeping the attack from spreading to the U.S.
  • It’s not over yet: @MalwareTechBlog flipped the killswitch on Friday, but warns that a new version of the ransomware likely won’t have one.

  • The New York Times reports that the hackers behind the cyberattack could pocket up to a $1 billion. Experts tell the Guardian, however, that the attack appears to have only raised about $20,000 so far.
  • You can download a patch for Windows here.