Microsoft warns: Ransomware cyber-attack a wake-up call

Here's what you do if your computer has already been targeted.


The extortion scheme has created chaos in 150 countries and could wreak even greater havoc as more malicious variations appear.

The ransomware, known as Wannacry, appears to exploit a vulnerability in Microsoft Windows that was purportedly identified by the US National Security Agency for its own intelligence-gathering purposes.

Friday's attack largely hit businesses and large organizations: United Kingdom hospitals, a Spanish telecom, FedEx, the Russian Interior Ministry. This move will prevent their systems from falling prey to the malware that has attacked payment systems across the world.

The NHS was among hundreds of organisations affected around the world, with 47 trusts hit.

The Shadow Brokers released Eternal Blue as part of a trove of hacking tools that they said belonged to the U.S. spy agency. Experts said India is vulnerable as a large number of computers in the country run the Microsoft's older operating systems like XP, and have not been updated yet.

Major global companies said they also came under attack.

Britain's National Health Service, one of the largest state-run systems in the world, was also one of the most significant victims of the attack, with almost 60 of the U.K. "Trusts", or regional hospital networks, affected.

In Indonesia, the malware locked patient files on computers in two hospitals in the capital, Jakarta, causing delays.

Companies and institutions are often slow to update their computers because it can screw up internal software that is built to work with a certain version of Windows.

"You are dealing with a criminal", he said. And maybe change your passwords while you're at it.

New variants of the rapidly replicating malware were discovered Sunday.

Who stopped the virus from spreading?

The perpetrators said they would release the data once a ransom of US$300 (RM1,301) is paid, hence the name ransomware.

Microsoft released security updates last month to address the vulnerability, with another patch released on Friday. "We expect to see more cases, but we are hoping that we won't", he said on Monday.

The "unprecedented" ransomware cyber attack has hit as many as 200,000 victims in over 150 countries, Europe's leading security chief said on Sunday and warned of possible fresh disruption when workers switch on their computers at the start of the working week on Monday. "The numbers are going up", he added.

Microsoft called in February for a "Digital Geneva Convention" laying down the rules for the protection of users from state cyber attacks, including a requirement for governments to report vulnerabilities to vendors, rather than stockpile, sell, or exploit them.

The ramsomware uses a vulnerability first revealed as part of a leaked stash of NSA-related documents.

MalwareTech, who wants to remain anonymous, was hailed as an "accidental hero" after registering a domain name to track the spread of the virus, which actually ended up halting it. If it can't connect, "it ransoms the system", MalwareTech explains. Instead of having to develop their own arsenals of cyberweapons, they simply had to repurpose work done by the highly skilled cyber experts at the NSA, said Phillip Hallam-Baker, principal scientist at the cybersecurity firm Comodo.

Cyber Security Minister Dan Tehan said on Monday that just three businesses had been hit by the bug, despite worries of widespread infection.