150 nations, 200,000 victims
The unprecedented global cyberattack has hit more than 200,000 victims in scores of countries, Europol said yesterday, warning that the situation could escalate when people return to work.
An international manhunt was well under way for the plotters behind what was being described as the world's biggest-ever computer ransom assault.
For all latest news, follow The Daily Star's Google News channel. The indiscriminate attack, which began Friday, struck banks, hospitals and government agencies in more than 150 countries, exploiting known vulnerabilities in old Microsoft computer operating systems.
US package delivery giant FedEx, European car factories, Spanish telecoms giant Telefonica, Britain's health service and Germany's Deutsche Bahn rail network were among those hit.
Europol executive director Rob Wainwright said the situation could worsen today as workers return to their offices after the weekend and log on.
"We've never seen anything like this," the head of the European Union's policing agency told Britain's ITV television, calling its reach "unprecedented".
"The latest count is over 200,000 victims in at least 150 countries. Many of those victims will be businesses, including large corporations.
Images appear on victims' screens demanding payment of $300 in the virtual currency Bitcoin, saying: "Ooops, your files have been encrypted!"
Payment is demanded within three days or the price is doubled, and if none is received within seven days the locked files will be deleted, according to the screen message.
Experts and governments alike warn against ceding to the demands and Wainwright said few victims so far have been paying up.
The culprits used a digital code believed to have been developed by the US National Security Agency -- and subsequently leaked as part of a document dump, according to researchers at the Moscow-based computer security firm Kaspersky Lab.
A hacking group called Shadow Brokers released the malware in April, claiming to have discovered the flaw from the NSA, Kaspersky said.
Russia's interior ministry said some of its computers had been hit, while the country's banking system was also attacked.
French carmaker Renault was forced to stop production at sites in France, Slovenia and Romania, while FedEx said it was "implementing remediation steps as quickly as possible".
The researcher warned yesterday that hackers could upgrade the virus to remove the kill switch.
Meanwhile G7 finance ministers meeting in Italy vowed to unite against cyber crime, as it represented a growing threat to their economies and should be tackled as a priority.
Comments