The British National Health System (NHS) has been the victim of a massive ransomware attack that appears to be part of a global action. Until now, this attack has invaded hospitals and businesses across the UK and other countries.
The attack began yesterday on Friday and, according to observers, we have not seen a similar one since it seems to have affected at least 74 countries.
Attack orchestras promote the WannaCry ransomware, which locks computer files.
Please note that this ransomware is based on one of the NSA's exploit recently leaked by the group Shadow Brokers.
Attackers to infect computers with WannaCry use one exploit windows embraced by NSA's EternalBlue tool. Microsoft has already released an update on this vulnerability, but many users and organizations have not bothered to update their systems.
Malicious software infects a computer, exploiting a vulnerability for SMB file sharing. Older versions of Windows are more affected by this, especially because Microsoft no longer supports Windows XP or Windows 2003.
"Today's ransomware attack on the NHS, Telefonica and others in more than 70 countries is unprecedented in what we have seen so far from ransomware attacks. "Based on what we've seen today, it looks like this attack is perfect and uses unspecified vulnerabilities in conjunction with Ransomware encryption," said Travis Farral, Director of Security Strategy at Anomali and former ExxonMobil security supervisor.
Security researchers from Malwarebytes believe that this malicious software is very dangerous because it locks the files with RSA-2048 encryption, which means it's virtually impossible to decrypt it without the attacker's key.
Fraudsters demand from their victims 300 dollars, a small amount if you think that the malicious campaign hits utilities and health care.
"We hope the affected companies will be able to quickly find their backups," say Malwarebytes researchers