May 12, 2017

Worldwide "ransomware" cyber attack hit 74 countries today

@fendifille via AP

Today Spain's largest telecom company in was hit with pop-ups demanding ransoms before employees could gain access to files. But it wasn't just Spain. The ransomware swept around the globe as the day progressed, hitting 73 other countries, including England's National Health Service, which left doctors and patients scrambling for information and care services unless they paid the ransoms. Reports have just surfaced that the ransomware has come to the U.S. as well.

Our thought bubble: This isn't just about user accounts, credit cards, or corporate security — all areas in which breaches are more common. The AP reports ransomware attacks are on the rise. Plus, when one computer is compromised, it can affect an entire corporate network, according to Spain's National Cryptologic Center, and your computer can be affected before you even touch it.

The progression of events:

  • After reports came out about Spain, England's National Health Service was attacked by similar popups.
  • Over a few hours, reports surfaced that similar cyber attacks hit 74 countries around the world, for a whopping total of 45,000 attacks, according to Kaspersky's Lab Global Research & Analysis Team, one of the top cybersecurity firms in the world. Russia was the country with the most targets, per Kaspersky.
  • It is believed that the group running these attacks exploited a vulnerability the hacking group, Shadow Brokers, exposed from NSA files in April. Microsoft said it already issued patches for these holes, but it appears many users haven't updated their systems yet, per the AP.
  • Many companies in Spain have regained control of their systems, per the AP.
  • ArsTechnica reports MalwareTechBlog stopped the attack by taking control of a key domain name.
Go deeper