Ransomware virus is rapidly spreading on a large number of computers worldwide.
The U.S. Department of Health and Human Services issued a public health emergency on Friday. This urgent incident-related message pertains to a significant cyber security issue in the United States, United Kingdom, and other international locations affecting hospitals and healthcare information systems.
A security firm reports that there are more than 75,000 malicious computer attacks in more than 100 countries.
International Cyber Attack
Yesterday’s massive and rapid cyber attack has seen large numbers of computers in around 100 countries locked by a virus.
A form of so-called ransomware virus is based on hacking tools believed to have been developed by the U.S. National Security Agency (NSA). The ransomware called “WannaCry,” locks down all the files on an infected computer and asks the computer’s administrator to pay in order to regain control of them.
CNN reports that a group called The Shadow Brokers stole the hacking tools from the NSA and released them on the Internet.
In March, Microsoft issued a security patch for the vulnerabilities. However, it appears as if hackers are using the tools to attack computers that have not been fixed — or are too old to be protected.
Among the estimated 75,000 cases recorded globally, the systems infected include NHS hospitals in Britain, Spanish and Portuguese telecoms firms, and the delivery company FedEx.
What Users Can Do for Protection
The U.S. Department of Homeland Security (DHS) is aware of reports of ransomware, or WannaCry, affecting computer systems globally.
In a statement late Friday, DHS encouraged people to update their operating systems.
“We are actively sharing information related to this event and stand ready to lend technical support and assistance as needed to our partners, both in the United States and internationally.”
In addition, Microsoft released a patch in March that addresses this specific weakness. Furthermore, Microsoft recommends installing this patch in order to help secure your systems from the threat.
DHS notes, “Individual users are often the first line of defense against this and other threats, and we encourage all Americans to update your operating systems and implement vigorous cybersecurity practices at home, work, and school.”
These practices include the following:
- Update your systems to include the latest patches and software updates.
- Do not click on or download unfamiliar links or files in emails.
- Back up your data to prevent possible loss — whether you’re at a home, at work, or using a school computer.
For more information, the U.S. Department of Homeland Security has previously released information on best practices to address ransomware. That information is available on the United States Computer Emergency Readiness Team’s website at: https://www.us-cert.gov/security-publications/Ransomware
Protect Yourself from Email-based Ransomware Attacks
The U.S. Department of Health and Human Services offers additional protection methods.
Ransomware can be delivered via email by links or attachments within the email. Attachments in emails can include zip files, documents, and executable applications. In addition, malicious links in emails can link directly to a malicious website attackers use to place malware on a system.
Be aware of the following:
- Only open up emails from people you know and that you are expecting. The attacker can impersonate the sender, or the computer belonging to someone you know may be infected without his or her knowledge.
- Do not click on links in emails if you weren’t expecting them. For example, the attacker could camouflage a malicious link to make it look like it is for your bank.
- Keep your computer and antivirus up to date. This adds another layer of defense that could stop the malware.
If You’re the Victim of Ransomware
If your organization is the victim of a ransomware attack, please contact law enforcement immediately. Organizations are recommended to contact their FBI Field Office Cyber Task Force immediately to report a ransomware event and request assistance.
These professionals work with state and local law enforcement and other federal and international partners to pursue cyber criminals globally and to assist victims of cyber crime. Victims are also encouraged to report cyber incidents to the US-CERT and FBI’s Internet Crime Complaint Center.