Singapore/Toronto — Technical staff scrambled on Sunday to patch computers and restore infected ones, amid fears that the ransomware worm that stopped car factories, hospitals, shops and schools could wreak fresh havoc on Monday, when employees log back on.
Cybersecurity experts said the spread of the virus dubbed WannaCry — "ransomware" which locked up more than 100,000 computers — had slowed, but the respite might only be brief.
Code for exploiting the worm, known as "Eternal Blue," was released on the internet in March by a hacking group known as the Shadow Brokers. The group claimed it was stolen from the National Security Agency. The agency has not responded to requests for comment. The head of the EU police agency said on Sunday the cyber assault hit 200,000 victims in at least 150 countries.
Hundreds of hospitals and clinics in the UK’s National Health Service were infected on Friday, forcing them to send patients to other facilities.
Symantec, a cybersecurity company, forecast infections so far would cost tens of millions of dollars, mostly from cleaning corporate networks.
Governments and private security firms said on Saturday that they expected hackers to tweak the malicious code used in Friday’s attack, restoring the ability to self-replicate.
Bryce Boland, a chief technology officer for FireEye, a cybersecurity firm, said it would be straightforward for the attackers to launch new releases or for other ransomware authors to start copying the way it replicated.
Reuters
Would you like to comment on this article?
Sign up (it's quick and free) or sign in now.
Please read our Comment Policy before commenting.