Global Cyber Attack Slows but Experts See Risk of Fresh Strikes

Global Cyber Attack Slows but Experts See Risk of Fresh Strikes
The National Security Agency (NSA) headquarters building in Fort Meade, Maryland. NSA/Handout via REUTERS
|Updated:

SINGAPORE/FRANKFURT—A global cyber attack described as unprecedented in scale forced a major European automaker to halt some production lines while hitting schools in China and hospitals in Indonesia on Saturday, though it appeared to die down a day after its launch.

Capitalizing on spying tools believed to have been developed by the U.S. National Security Agency, the cyber assault has infected tens of thousands of computers in nearly 100 countries, with Britain’s health system suffering the worst disruptions.

Cyber extortionists tricked victims into opening malicious malware attachments to spam emails that seemed to contain invoices, job offers, security warnings and other legitimate files.

Once inside the targeted network, so-called ransomware made use of recently revealed spy tools to silently infect other out-of-date machines without any human intervention. This, security experts said, marked an unprecedented escalation in the risk of fresh attacks spreading in the coming days and weeks.

The ransomware encrypted data on the computers, demanding payments of $300 to $600 to restore access. Researchers observed some victims paying via the digital currency bitcoin, though no one knows how much may have been transferred to extortionists because of the largely anonymous nature of such transactions.

An ambulance waits outside the emergency department at St Thomas' Hospital in central London, Britain on May 12, 2017. (REUTERS/Stefan Wermuth)
An ambulance waits outside the emergency department at St Thomas' Hospital in central London, Britain on May 12, 2017. REUTERS/Stefan Wermuth