Ransomware infections reported worldwide

Friday, May 12th, 2017, 6:33 pm

A massive ransomware campaign appears to have infected a number of organisations around the world.

Computers in thousands of locations have apparently been locked by a program that demands $300 (£230) in Bitcoin.

There have been reports of infections in as many as 74 countries, including the UK, US, China, Russia, Spain, Italy and Taiwan.

Many security researchers are linking the incidents together.

One cyber-security researcher tweeted that he had detected many thousands of cases of the ransomware, known as WannaCry and variants of that name.

“This is huge,” said Jakub Kroustek at Avast.

Another, at cyber-security firm Kaspersky, said that the ransomware had been spotted cropping up in 74 countries and that the number was still growing.

Several experts monitoring the situation have linked the infections to vulnerabilities released by a group known as The Shadow Brokers, which recently claimed to have dumped hacking tools stolen from the US National Security Agency (NSA).

A patch for the vulnerability was released by Microsoft in March, but many systems may not have had the update installed.

Some security researchers have pointed out that the infections seem to be deployed via a worm – a program that spreads by itself between computers.

The UK’s National Health Service (NHS) was also hit by a ransomware outbreak on the same day and screenshots of the WannaCry program were shared by NHS staff.