The ransomware attack unleashed on Friday has affected more than 100,000 organizations in 150 countries, according to Europe's law enforcement agency Europol on Sunday.The malware, which locks files and asks for payment to unlock them, hit businesses and institutions across the world, including shipper FedEx, train systems in Germany, a Spanish telecommunications company, universities in Asia, Russia's interior ministry and forced hospitals in Britain to turn away patients.More than 200,000 people around the world have been affected by the malware, Jake Cigainero reports for NPR's Newscast."The recent attack is at an unprecedented level and will require a complex international investigation to identify the culprits," Europol said in a statement.As employees return to work on Monday and turn on their computers, the number of infections could rise, the agency said.The malware, which has been called multiple names including WannaCry, Wanna Decryptor or WannaCrypt, creates a pop-up window informing users that their files are encrypted and are no longer accessible — without a payment. Screenshots of the malware show an initial request for $300 to be paid in bitcoin, with a timer that says the ransom amount will rise if it's not paid within a certain time frame, and files will be lost after that.The hacker's total take from the global outbreak, however, appears to be much smaller than anticipated. Security researcher Brian Krebs wrote that as of Saturday, evidence showed about $26,000 in payments to the bitcoin accounts associated with the malware. "One of the nice things about Bitcoin is that anyone can view all of the historic transactions tied a given Bitcoin payment address. As a result, it's possible to tell how much the criminals at the helm of this crimeware spree have made so far and how many victims have paid the ransom," Krebs writes.
- Hundreds of computers at a hospital in Jakarta, Indonesia
- telecommunications companies in Spain, Portugal and Argentina
- signs at malls in Singapore
- hundreds of hospitals in the U.K.'s National Health Service
U.K. politicians are harnessing the attacks to criticize the U.K.'s Conservative Party of Prime Minister Theresa May, which made cuts to the NHS system, Willem Marx reports for NPR's Newscast unit. The cuts made NHS computer systems "outdated and vulnerable" to attack, critics say."Defence Minister Michael Fallon told the BBC that British authorities are spending more than $60 million on safeguarding computer systems," at the NHS, Marx adds. "Mr. Fallon said the government had already identified cyberattacks as one of the three greatest threats to Britain's security, and had pledged almost 2 and a half billion dollars to protect IT infrastructure."Ransomware is big businessRansomware works by hijacking a person's files and threatening to delete them without payment. The latest outbreak seems to be the biggest by far, though security experts have been warning about the risks of ransomware, especially to businesses, for some time.A report by IBM in December found 40 percent of spam emails contained ransomware attachments last year, up from less than 1 percent the previous year. The technology has been "increasingly rampant since 2014," the study says, though the concept goes back to 1989, "when PC-locking malcode was snail-mailed to victims on floppy disks." The average ransom request is $500, IBM found.The FBI said victims incurred costs of $209 million in the first three months of 2009, Reuters reported. The U.S. government says more than 4,000 ransomware attacks happen every day.The government recommends reporting ransomware immediately to the FBI or the U.S. Secret Service, and advises against paying ransoms, saying that payment is no guarantee of recovering data, and that it only encourages further attacks.The IBM study found, however, that seven in 10 victims end up paying to get their data back. The FBI says the typical ransom runs between $200 and $10,000. Of the victims surveyed by IBM, more than half paid more than $10,000 in ransom.The government recommends strong prevention measures as the best defense against ransomware attacks, including: strong spam filters, making sure software is patched and up to date, using anti-virus software, and regularly backing up data. Copyright 2017 NPR. To see more, visit http://www.npr.org/.