Cyber attack: Latest evidence indicates ‘phishing’ emails not to blame for global hack

Thousands of computers in China and Japan hit by WannaCry virus

Putin says Russia had ‘nothing to do’ with global ransomware outbreak
Microsoft attacks US government over developing ‘EternalBlue’ exploit that led to hack
New strains of virus reported but having little effect
Jeremy Hunt says there has been no second wave of attacks
Latest evidence suggests “phishing” emails are unlikely to have caused the global cyber attack that wreaked havoc at dozens of NHS trusts and hit hundreds of thousands of computers in 150 countries.

Security experts have disputed claims that the virus was spread through suspicious emails, saying that computers were vulnerable to the bug regardless of how vigilant users were. Experts said that unless IT departments patched the virus and backed up their files they could be hit by the attacks.

Affected NHS trusts were criticised for not adding the patch despite warnings from NHS Digital a month ago that they were vulnerable to a possible attack.

“Malware created by intelligence agencies can backfire on its creators,” said Putin, speaking to media in Beijing. He added that global leaders needed to discuss cyber security at a “serious political level” and said the US has backed away from signing a cyber security agreement with Russia.

Authorities fear a second wave of the “WannaCry” ransomware could hit systems as people return to work and switch on their computers on Monday morning.

Japanese computer experts said around 2,000 PCs had been affected while the Chinese news agency Xinhua reported that almost 30,000 had been hit.

Authorities had warned of a day of chaos ahead of Monday, with the National Cyber Security Centre saying that existing infections could spread through computer systems.

NHS systems appeared to be largely up and running on Monday, although seven out of the 47 trusts hit by last week’s attack are still seeking emergency support, according to NHS Digital.

Patients are being warned of slow service at surgeries, but patient data does not appear to have been compromised. The Home Secretary Amber Rudd will hold a meeting of the emergency COBRA committee later today.

The WannaCry ransomware, which locks computer systems and demands $300 (£230) in Bitcoin, hit over 200,000 computers on Friday and the impact continued to be felt across the weekend. Around £33,000 in ransoms have been paid to date, according to analysis of Bitcoin wallets.

On Sunday night, Microsoft slammed the US spy agency that had originally developed software that allowed the ransomware attack to infect computers. The “Eternal Blue” tool developed by the National Security Agency had been dumped onto the public internet by a hacking group known as the Shadow Brokers.

It was then used by the still-anonymous cyber criminals to infect PCs with Friday’s ransomware.

“The governments of the world should treat this attack as a wake-up call,” In a statement, Microsoft president Brad Smith said. “Repeatedly, exploits in the hands of governments have leaked into the public domain and caused widespread damage. An equivalent scenario with conventional weapons would be the U.S. military having some of its Tomahawk missiles stolen.”

Microsoft released a patch over the weekend for the Eternal Blue vulnerability that defends against it even with older versions of Windows.

Phishing emails “not likely” to have caused the cyber attack

Security researchers have told the Telegraph that phishing emails are not likely to have been the vessel through which the ransomware spread. Instead it is likely that it spread across machines through a Windows system used for file sharing between computers.

National Crime Agency ‘identifying patterns’ in attacks

The National Crime Agency has said it will “take time” to investigate who is behind the attacks, but said it has started “identifying patterns” in the swathes of data it has access to.

It said there is currently no indication that there will be a second wave of attacks in the UK, but warned people to still be careful.

NHS trusts ignored warning last month to upgrade systems

Dozens of NHS trusts fell victim to ransomware after failing to upgrade their systems despite a warning from NHS Digital, Sky News reports.

NHS Digital has said it told NHS trusts to upgrade their systems last month or risk falling victim to a cyber attack. The warning came after hackers leaked details of a Microsoft vulnerability stolen from the NSA.

The security patch could have prevented the ransomware attack from spreading across NHS computer systems.

Vladimir Putin blames US for hack

Vladimir Putin has blamed the US for causing the global cyber attack. He said Russia had “nothing to do” with the cyber attack, adding that the US had indirectly caused it by creating the Microsoft hack in the first place.

“Malware created by intelligence agencies can backfire on its creators,” said Putin, speaking to media in Beijing.

He added that the attack didn’t cause any significant damage to Russia. Russian security firm Kaspersky said hospitals, police and railroad transport had been affected in the country. Another report suggested Russia was one of the worst hit locations.

Be the first to comment

Leave a Reply

Your email address will not be published.