A ransomware attack, which experts believe was developed with tools stolen from the USA’s National Security Agency, has hit computers in 99 countries around the world.
The malware locks computers it targets demanding $300 in Bitcoin in return for unlocking. Users are then given a time-limit in which to make payment and if they fail to do so, their files are erased.
The attack has affected the National Health Service in the UK, one of Russia’s interior ministry and one of its biggest financial institutions, Sberbank, and computers in the Ukraine, Spain, Italy, India and China.
Many of the state and private institutions affected are mainly in Asia and Europe, but the ransomware, which experts are calling WannaCry, has also spread to North America and South America. Russia remains the country that has been the hardest hit.
According to a report on the BBC, security experts say that the malware was developed from software tools stolen from the NSA by a hacker group called The Shadow Brokers. The group then attempted to sell the tools in an encrypted format in an online auction. However, on April 8th of this year, the group removed the encryption from the cache as a protest against Donald Trump.
At the time of writing, it’s uncertain whether this is an attack by a group or a lone individual. Markus Jakobsson, chief scientist with security firm Agari, has told The Guardian that he believes it was “scattershot” and he also points out that the ransom demand was pretty small.
“It’s a very broad spread,” Jakobsson said. “This is not an attack that was meant for large institutions. It was meant for anyone who got it.”
There’s no word yet as to whether this attack has spread to computers in South Africa. In the meantime, we urge our readers to take the necessary precautions against downloading malware: make sure your OS is up to date, have anti-virus software installed and don’t open attachments or emails from addresses you don’t recognise. For more details on the hack, head over to Kaspersky Labs and read their report.