On Friday (May 12), it was reported that hackers had gained National Health Service computers (UK healthcare service), shuttering the entire system. Similar attacks were reported in the afternoon hitting thousands of computers in at least 11 countries.
The attacks consist mainly in blocking the files in the infected computer and ask users for a ransom (using a ransomware).
What is Ransomware?
Once a computer is infected, here is what can happen:
- Files may be encrypted or converted into a different language for which only the hacker has the cipher. The user won’t even notice until he tries to open a file.
- The ransomware locks the user out of its entire system. During the attack in England, computer screens showed a message demanding $300 in bitcoin in exchange for the decryption key that would unlock the files.
How do computers get infected?
Download an infected piece of software or a PDF.
phishing email to direct the user to an infected website : e.g. hackers sent a zip file attachment in an email. When victims clicked on it, their computers were infected.
Who’s been hit so far?
- Britain’s National Health Service (NHS) was a major victim. More than 40 hospitals and health facilities across England were affected, Hospitals in Scotland and Wales were affected, too.
- Spain’s National Cryptologic Center, part of that country’s intelligence agency, reported a massive attack against Spanish organizations.
- FedEx disclosed that its systems also were victim of the attck
- And apparently, as of may 12, 36 000 additional attacks reported in Russia, Ukraine, Taiwan and many other countries.
What can I do to stay safe?
- back up your hard drive.
- If you run a business, back up every computer in your office and have a plan for what to do if your system goes down for a while. And make sure your users are educated about the common kinds of attacks.
- Don’t pay the ransom (it is not even sure, you will retrieve the your file)
For more details about you can read from the Washington post here
This post is also available in fr_FR.