Sat, May 20, 2017 - Page 9 News List

The growing fallout from the global cyberattack

As computer systems worldwide go back online, businesses and organizations struggle to get back on their feet, while in Asia, some of the challenges are just beginning

By Steve Lohr and Liz Alderman  /  NY Times News Service

The list of affected organizations includes two of China’s most prestigious institutions of higher education, Tsinghua and Peking universities; a movie theater chain in South Korea; and blue-chip companies in Japan such as Hitachi and Nissan, which emphasized that their business operations had not been impaired.

China’s state-run oil company, PetroChina, confirmed that the attack had disrupted the electronic payment capabilities at many of its gas stations over the weekend.

By Sunday, 80 percent of its stations were functioning normally again, it said.

In Britain, where the attack was first detected on Friday last week, the National Health Service struggled to get hospitals, clinics and doctors’ offices fully operational. The attack had caused some patients to be turned away from emergency rooms, and surgical procedures and medical appointments needed to be rescheduled.

In Sandbach, England, John Cosgrove, a 42-year-old general practitioner, said things were recovering, but he still did not have access to complete patient records.

The public seems to be putting off medical care that can be postponed until the service’s computer systems are up and running normally again.

“On Friday [last week], there was a feeling of chaos,” Cosgrove said. “But there are not many people booking to see us. It does feel quite different still.”

Until computer security experts closely examine infected machines, they will not know the mechanism by which the malicious software got into the computers and then spread.

The malware used by the attackers was sophisticated, security experts have said, but the collection mechanism was not, by the current standards of ransomware, said Caleb Barlow, vice president in charge of threat intelligence for International Business Machines (IBM).

Some perpetrators include instructions for how to pay by bitcoin — and even examples of people who paid and regained access to their data, and those who did not.

However, this global ransomware attack did not include such payment easing features, Barlow said, and might account for the modest level of estimated payments so far.

“That is a bit of a head-scratcher,” he said.

The bitcoin payments as of late Monday afternoon were just less than US$60,000, according to Chainalysis, a bitcoin analytics firm.

The largest transaction was US$3,300, Chainalysis cofounder Jonathan Levin said, suggesting that large corporations and government agencies have not been paying.

The cyberattack underlines the growing problem of ransomware.

IBM’s security research unit collects and monitors about 45 million pieces of spam per day worldwide. In 2015, less than 1 percent of the spam was ransomware. By last year, 40 percent had a document or Web link that activated ransomware, and the current attack threatens to lift that percentage higher.

Disney CEO Bob Iger told employees at a town hall meeting in New York on Monday that hackers had contacted the company to claim access to one of its unreleased movies and had demanded a ransom.

Iger, who did not identify the film, said Disney would not pay and has been working with federal investigators to resolve the matter.

It was not clear if a film had actually fallen into hackers’ hands or if the attack was related to the one over the weekend.

This story has been viewed 1476 times.

Comments will be moderated. Remarks containing abusive and obscene language, personal attacks of any kind or promotion will be removed and the user banned.

TOP top