Many organizations around the world have now been infected by a new hacking technique called “ransomware.”
Ransomware locks people out of their computers and will not let them back in without compensation. The payment they are looking for is in “Bitcoin,” which is an untraceable digital incident.
Infections have been reported in the United States, United Kingdom, Russia, China, Spain, Italy, Vietnam, and Taiwan.
There have been over 36k occurrences of ransomware. The name of the program is called “WannaCry” or some other variation.
A top university in Italy had all their computers locked up by the program, not letting anyone in the institution use them. Wallets are filling with bitcoins as this scheme progresses, as people are opting into paying for access to their own computers.
People monitoring the situation say that this many have some relation to some dumped hacking tools that have been stolen from the NSA.
“Even so, it’s spreading fast,” said Aatish Pattni, head of threat prevention for northern Europe.
Several experts monitoring the situation have linked the infections to vulnerabilities released by a group known as The Shadow Brokers, which recently claimed to have dumped hacking tools stolen from the NSA.
A patch for the vulnerability was released by Microsoft in March, but many systems may not have had the update installed.
“This is a major cyber attack, impacting organisations across Europe at a scale I’ve never seen before,” said security architect Kevin Beaumont. According to security firm Check Point, the version of the ransomware that appeared today is a new variant.
A number of Spanish firms were among the apparent victims elsewhere in Europe. Telecoms giant Telefonica said in a statement that it was aware of a “cybersecurity incident” but that clients and services had not been affected. Power firm Iberdrola and utility provider Gas Natural were also reported to have suffered from the outbreak. There were reports that staff at the firms were told to turn off their computers.