“Unprecedented” Cyber Attack Hits 2 Lakh Computers In 150 Countries; India 3rd Most Affected

The Logical Indian Crew

May 15th, 2017

Cyber Attack

Image Credit: ibtimes

Since Friday, 12 May, the world has been hit by a massive cyber attack. It has affected 230,000 computers in 150 countries, leading to crises in hospitals, schools, government offices, and any industry that relied on computers – which is to say, all industries. The attack has been described by Europol, Europe’s police agency, as “unprecedented”, and it continues to affect computers around the world, with analysts warning about the possibility of renewed attacks in coming days.

Countries affected by Friday’s attack.Wikimedia

What is the attack all about?

The attack involved “WannaCry”, a ransomware that targets Microsoft Windows operating systems. It exploited loopholes in older versions of Windows to send phishing emails to users. Phishing is a method to obtain sensitive personal information of users, like usernames, passwords, credit card details etc., by sending emails pretending to be from an official entity. When an unsuspecting user opens these emails and/or downloads the attached files, their information is compromised and their system is locked/encrypted.

Once the information is encrypted, a message is displayed on the screen declaring the same and asking the user to pay USD 300 (in Bitcoin) if they wish to retrieve their data.

Phishing emails employ “worms” to spread the attack in a local network. If even one of the computers in a local network is compromised because of a phishing email, the worm spreads rapidly and automatically encrypts data in all computers in the network. This is why Friday’s attack spread so rapidly across the world.

Who are affected?

WannaCry swept across Europe and Asia quickly, locking up critical systems like the UK’s National Health Service (NHS), a large telecom in Spain, and other businesses and institutions around the world, all in record time.

Most-affected countries.Securelist

Most-affected companies/organisations.Wikipedia

How did the attack affect India?

India was among the worst-hit countries of Friday’s attack because many Indians still use Windows XP, the operating system whose loopholes were exploited by WannaCry. Presently, a critical alert has been sounded against the spreading of the ransomware.

News agency IANS reported that police computers across 18 units in Andhra Pradesh’s Chittoor, Krishna, Guntur, Visakhapatnam, and Srikakulam districts were affected. However, apart from that, there was no immediate information on the extent of the ransomware’s hold on Indian systems.

Gulshan Rai, chief of cyber security, said, “There are about a 100 systems attacked in India and as of now there are no more threats … We understand systems in Andhra Pradesh are impacted, but so far our assessment is that there isn’t much impact.”

Rai went on to add that a better understanding of the ransomware’s effect in India would only happen on Monday after offices open.

How was the attack contained?

Friday’s attack was slackened after a random researcher (known online as MalwareTech) accidentally found a kill switch to combat WannaCry’s spread. Had the kill switch not been discovered, the impact would have invariably been far more catastrophic.

While this has given authorities time to patch up and update systems and cyber-security, there is high probability of other strains of WannaCry striking in the coming days, and these strains could be immune to the kill switch.

Who are the perpetrators?

It is still unclear as to who caused the attack. Europol stated that a massive international manhunt, a “complex international investigation”, was underway to locate the criminals.

Many commentators criticised the US National Security Agency (NSA) for having indirectly caused the attack. The NSA had prior knowledge of the Windows loophole that the hackers exploited on Friday, but the agency did not disclose this loophole as they planned to exploit the same themselves to their benefit. This exploit, known as EternalBlue, was stolen by a group of hackers, who made it freely available in April. The perpetrators of Friday’s attack used EternalBlue to engineer the fast-spreading worm.

Microsoft said on Friday it would roll out the update to users of older operating systems “that no longer receive mainstream support”, such Windows XP (which the NHS still largely uses), Windows 8, and Windows Server 2003.

Meanwhile, the NSA finds itself on the crosshairs, attacked by cybersecurity activists and government officials who opine that the agency has overreached in its power and influence. The NSA also finds itself on the crossroads, fighting to keep a balance between protecting computer systems and hacking them too.

Share your thoughts..

Related Stories

Massive Cyberattack Strikes Computers Around The World, India Among Those Affected

Manchester, UK: 22 Dead, Around 59 Injured In A Terrorist Attack, ISIS Claims Responsibility

22-Yr-Old Who Stopped Last Week’s Global Cyberattack Donates $10,000 Reward To Charity

Wannacry Ransomware Attack

International Cyberattack Underway, India 3rd Most Affected: How You Can Be Safe

Gay Couple Attack

Dutch Ministers Walk Hand In Hand To Show Solidarity With Gay Couple Attacked

US Hack Smartphones, TVs

Biggest Ever Leak Of CIA Documents: WikiLeaks Reveals How The US Tries To Hack Smartphones, TVs

Latest on The Logical Indian


Election Results: BJP Wins Both Gujarat and Himachal Pradesh, Now 19 States Saffronised


The Journey Of A School Dropout Waste Segregator To Paris Climate Conference


Uttarakhand: 53,000 Disabled And Widows Lose Their Pension Owing To Lack Of Aadhaar


Failing To Get Loan, Adani To Handle Carmichael Mine In Australia By Itself


Kerala High Court Upholds School’s Decision To Expel Student For Hugging Female Friend


Under Criticism Of Corruption, Union Cabinet Approves Bill To Replace Medical Council Of India With National Medical Commission