Sun, May 14, 2017 - Page 4 News List

Researcher claims ‘kill switch’ found for cyberthreat

AFP, HONG KONG

A cybersecurity researcher appears to have discovered a “kill switch” that can prevent the spread of the WannaCry ransomware — for now — that has caused the cyberattacks wreaking havoc globally, reports said yesterday.

The researcher, tweeting as @MalwareTechBlog, said the discovery was accidental, but that registering a domain name used by the malware stops it from spreading.

“Essentially they relied on a domain not being registered and by registering it, we stopped their malware spreading,” @MalwareTechBlog told reporters in a private message on Twitter.

However, the researcher warned that people “need to update their systems” as soon as possible to avoid attack.

“The crisis isn’t over, they can always change the code and try again,” the researcher said.

Friday’s wave of cyberattacks, which affected dozens of countries, apparently exploited a flaw exposed in documents leaked from the US National Security Agency.

The attacks used a technique known as ransomware that locks users’ files unless they pay the attackers a designated sum in the virtual currency bitcoin.

Affected by the onslaught were computer networks at hospitals in Britain, the Russian Ministry of the Interior, Spanish telecom giant Telefonica, US delivery firm FedEx and many other organizations.

“I will confess that I was unaware registering the domain would stop the malware until after I registered it, so initially it was accidental,” @MalwareTechBlog tweeted.

Computers already affected will not be helped by the solution.

“So long as the domain isn’t revoked, this particular strain will no longer cause harm, but patch your systems ASAP, as they will try again,” the researcher said.

The malware’s name is WCry, but analysts were also using variants such as WannaCry.

Forcepoint Security Labs said in a statement on Friday that the attack had “global scope” and was affecting networks in Australia, Belgium, France, Germany, Italy and Mexico.

In the US, FedEx acknowledged it had been hit by malware and was “implementing remediation steps as quickly as possible.”

Also badly hit was Britain’s National Health Service, which declared a “major incident” after the attack, which forced some hospitals to divert ambulances and scrap operations.

Pictures posted on social media showed screens of the health service’s computers with images demanding payment of US$300 in bitcoin, saying: “Ooops, your files have been encrypted!”

This story has been viewed 1353 times.

Comments will be moderated. Remarks containing abusive and obscene language, personal attacks of any kind or promotion will be removed and the user banned.

TOP top