Ciencia

Global cyberattack alert as experts warn of more havoc

Global cyberattack alert as experts warn of more havoc

"Unfortunately, most people don't have them", Abrams says.

A successful cyber-attack on the banking system, the electric grid, traffic lights or electronic medical records could do far more economic and security damage. PSA Group, Fiat Chrysler, Volkswagen, Daimler, Toyota and Honda said their plants were unaffected.

The ransomware appeared to exploit a vulnerability in Microsoft Windows that was purportedly identified by the U.S. National Security Agency for its own intelligence-gathering purposes.

Brian Lord, managing director of cyber and technology at cyber security firm PGI, said victims had told him "the customer service provided by the criminals is second-to-none", with helpful advice on how to pay: "One customer said they actually forgot they were being robbed".

Computers running older versions, such as Windows XP used in Britain's NHS health system, while individually vulnerable to attack, appear incapable of spreading infections and played a far smaller role in the global attack than initially reported.

Installing the patch is one way to secure computers against the virus. The NSA alerted Microsoft.

Those hit by WannaCry also failed to heed warnings a year ago from Microsoft to disable a file sharing feature in Windows known as SMB, which a covert hacker group calling itself Shadow Brokers had claimed was used by NSA intelligence operatives to sneak into Windows PCs. In 2000, a Filipino computer graduate unleashed the "Love Bug" virus that wreaked havoc in at least 20 countries and caused losses estimated at up to $10 billion. The British government cancelled a nationwide NHS support contract with Microsoft after a year, leaving upgrades to local trusts.

The security firm Kaspersky Lab, based in Russian Federation, noted that Microsoft had repaired the software problem that allows back-door entry into its operating systems weeks before hackers published the exploit linked to the NSA, but noted: "Unfortunately it appears that many users have not yet installed the patch". Updating software will take care of some vulnerability. The security flaw that hackers used to launch the attacks on Friday was made public after information was stolen from the NSA, which routinely searches for flaws in software and builds tools to exploit them, the report said.

Bossert said that while U.S. officials had not ruled out the possibility that it was a "state action", he said it appeared to be criminal, given the ransom requests.

MalwareTech, whose name was revealed in United Kingdom media to be 22-year-old Marcus Hutchins, was hailed as an "accidental hero" after registering a domain name to track the spread of the virus, which actually ended up halting it.

"The growth rate of infected institutions on Monday has slowed significantly compared to the previous two days", said Chinese security company Qihoo 360. The company is crunching data to arrive at a firmer estimate it aims to release later yesterday.

Who is to blame for the massive ransomware attack?

Dame Fiona and the Care Quality Commission wrote to Mr Hunt to highlight a "lack of understanding of security issues", the newspaper said, and that "the external cyber threat is becoming a bigger consideration".

However, a bug in WannaCry code means the attackers can not use unique bitcoin addresses to track payments, security researchers at Symantec found this week.

Officials in Japan and South Korea said they believed security updates had helped ward off the worst of the impact.

The rapid recovery by many organisations with unpatched computers caught out by the attack may largely be attributed to back-up and retrieval procedures they had in place, enabling technicians to re-image infected machines, experts said. Security experts agree that the best protection is to be on a modern, up-to-date system that incorporates the latest defense-in-depth innovations.

These factors help explain the mystery of why such a tiny number of victims appear to have paid ransoms into the three bitcoin accounts to which WannaCry directs victims.