Log in, look out: Cyber chaos may grow at workweek’s start

People are reflected in a glass sign of a Telefonica building in Madrid, Spain, Saturday, May 13, 2017. The Spanish government said several companies including Telefonica had been targeted in ransomware cyberattack that affected the Windows operating system of employees’ computers. A cybersecurity expert Ori Eisen of Trusona says the biggest cyberextortion attack in history is going to be dwarfed by the next big ransomware attack that could be done to crucial infrastructure, like nuclear power plants, dams or railway systems. (AP Photo/Paul White)

LONDON (AP) — Employees booting up computers at work Monday could see red as they discover they’re victims of a global “ransomware” cyberattack that has created chaos in 150 countries and could wreak even greater havoc as more malicious variations appear.

As a loose global network of cybersecurity experts fought the ransomware hackers, officials and experts on Sunday urged organizations and companies to update older Microsoft operating systems immediately to ensure they aren’t vulnerable to a more powerful version of the software — or to future versions that can’t be stopped.

The initial attack, known as “WannaCry,” paralyzed computers that run Britain’s hospital network, Germany’s national railway and scores of other companies and government agencies worldwide in what was believed to be the biggest online extortion scheme so far.

Microsoft blamed the U.S. government for “stockpiling” software code that was used by unknown hackers to launch the attacks. The hackers exploited software code from the National Security Agency that leaked online.

The company’s top lawyer said the government should report weaknesses they discover to software companies rather than seek to exploit them.

“An equivalent scenario with conventional weapons would be the U.S. military having some of its Tomahawk missiles stolen,” attorney Brad Smith wrote on Microsoft’s blog.

New variants of the rapidly replicating worm were discovered Sunday and one did not include the so-called kill switch that allowed researchers to interrupt its spread Friday by diverting it to a dead end on the internet.

Ryan Kalember, senior vice president at Proofpoint Inc. which helped stop its spread, said the version without a kill switch was able to spread but was benign because it contained a flaw that wouldn’t allow it to take over a computer and demand ransom to unlock files. However, he said it’s only a matter of time before a malevolent version exists.

“I still expect another to pop up and be fully operational,” Kalember said. “We haven’t fully dodged this bullet at all until we’re patched against the vulnerability itself.”

The attack held users hostage by freezing their computers, popping up a red screen with the words, “Oops, your files have been encrypted!” and demanding money through online bitcoin payment — $300 at first, rising to $600 before it destroys files hours later.

We welcome thoughts and comments from our viewers. We ask that everyone keep their remarks civil and respectful. Postings that contain profanity, racist, or potentially libelous remarks will be deleted. We will delete any commercial postings, as well.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s