/ciol/media/agency_attachments/c0E28gS06GM3VmrXNw5G.png)
Follow Us/ciol/media/post_banners/wp-content/uploads/2016/09/ID-100462914.jpg)
A global cyber attack apparently based on stolen US National Security Agency's surveillance tools engulfed over 100 countries on Friday affecting tens of thousands of machines worldwide, that included Spanish telecommunications giant Telefónica, operations at the Russian Interior Ministry, and Britain's National Health Services (NHS), where hospitals were disrupted and medical procedures were stalled.
According to cybersecurity firm Avast, hackers exploited a known vulnerability in Microsoft Windows to lock scores of computers and demand a ransom of $300 worth of bitcoin, a digital currency that is difficult to track, to restore access.
The ransomware is taking advantage of an exploit called EternalBlue, leaked online in April by hackers- The Shadow Brokers but patched preemptively by Microsoft in March. Apparently, every company or organization did not install the critical security update.
Edward Snowden, the former NSA contractor who in 2013 leaked thousands of classified documents, has blamed the intelligence agency for not preventing the global cyber attack.
If @NSAGov had privately disclosed the flaw used to attack hospitals when they *found* it, not when they lost it, this may not have happened https://t.co/lhApAqB5j3
— Edward Snowden (@Snowden) May 12, 2017
The most disruptive attacks were reported in Britain, where hospitals and clinics were forced to turn away patients after losing access to computers. International shipper FedEx Corp said some of its Windows computers were also infected. “We are implementing remediation steps as quickly as possible,” it said in a statement.
However, only a small number of US-headquartered organizations were hit because the hackers appear to have begun the campaign by targeting organizations in Europe, according to Vikram Thakur, research manager with security software maker Symantec.
The hack reignites the debate about the dangers of intelligence agencies such as the NSA collecting and using software flaws for espionage, rather than quickly alerting companies to vulnerabilities so they can fix them. "These attacks underscore the fact that vulnerabilities will be exploited not just by our security agencies but by hackers and criminals around the world," the American Civil Liberties Union, a frequent NSA critic, said in a statement.
The story is still developing. We will keep you posted with further details.