A massive extortion cyber-attack on Friday hit dozens of countries disrupting services of no. of sectors including UK’s NHS. The attack was carried out by a "Wanna Decryptor" virus which took over computers and demanded ransom.
UK’s National Health Services were the worst hit and many NHS hospitals had to transfer their patients to unaffected hospital that caused delay in surgeries.
Cyber experts have called the attack "unprecedented" and said such attacks usually take months to spread but this one spread in one big hit.
However, there are patches available to prevent or get away with the virus but it will take few days for businesses to get back to normal.
To better understand the attack and its vulnerabilities, News Nation Digital caught up with cyber expert and Head of Threat Prevention - Northern Europe at Check Point Software Technologies, Aatish Pattni.
Question 1: Please elaborate how big the attack is and has it been resolved if not how much more time it may take?
Answer: This is one of the largest Ransomware attacks I've seen. Other big attacks of this nature spread over months. This one spread in one big hit. It will still take a few days for businesses to resolve and clean up from this attack. It could take them even longer to patch systems to ensure they are not vulnerable from re-attack.
Question 2: There have been at least 99 countries affected by it including UK and US, but it isn’t reported in India so far!! How do you see that?
Answer: The attack spread would have been based on how many target machines the attackers had in their database. It's possible that not many machines in India were in their database or Indian businesses that have been attacked have simply not reported it.
(Andhra Pradesh police Saturday reported the attack. Over 100 of its computer were affected by the ransomware.)
Question 3: How can it be prevented and if it hits how to get away with this “Wanna Cry”?
Answer: There are many ways to prevent this kind of attack, 1; patch vulnerabilities, 2; invest in security software that would stop the attack getting in 3; invest in security softwares that would instantly stop ransomware running.
Question 4: Any Idea who and from where the attack was carried out?
Answer: It's too early to say who was behind this, ransomware is usually associated with highly organised criminal gangs. Given the scale and sophistication of the attack, it's clearly a very resourceful and dangerous group or individual.