'WannaCry' cyber attack: How to protect your computer

'WannaCry' cyber attack: How to protect your computer

The attack held users hostage by freezing their computers, popping up a red screen with the words, "Oops, your files have been encrypted!" and demanding money through online bitcoin payment - $300 at first, rising to $600 before it destroys files hours later. The ransomware often scrambles filenames and changes their extension.

There are other hints in the curious ways that WannaCry operates that suggest it is the work of people new to the trade. Wanna Cry has used an exploit - a piece of bug in the software - to take advantage of Microsoft Windows and take control of thousands of systems, and lock files.

The malicious software - known as WannaCrypt or WannaCry - is widely believed to have been developed as a hacking tool by the US National Security Agency. The hackers have warned that the ransom amount will go up.

The attack is unique, according to Wainwright, because it combines ransomware with a worm function, meaning once one machine is infected, the entire internal network is scanned and other vulnerable machines are infected.

It was reported on Saturday that nearly 75,000 systems have been affected in 99 countries.

“The latest count is over 200,000 victims in at least 150 countries.

"Using outdated versions of Windows that are no longer supported raises a lot of questions", said Christopher Dore, a lawyer specializing in digital privacy law at Edelson PC. The main challenge for investigators was the fast-spreading capabilities of the malware, he said, but added that so far, not many people have paid the ransoms that the virus demands.

What are companies doing to mitigate the attack?

Dore said companies that faced disruptions because they did not run the Microsoft update or because they were using older versions of Windows could face lawsuits if they publicly touted their cyber security.

Those clues could point to it being the work of an established group, he said, but there was little sign of any tell-tale text in the version now circulating.

A 22-year old security researcher in the United Kingdom discovered a "kill-switch" to initially stop the spread of the attack.

Later, he admitted that he wasn't aware registering the domain would halt the spread of the attack, which has seen him branded an as "accidental hero". But the researcher cautioned that the hackers could find a way around this.

It is not known how the attack has affected GP surgeries, which are due to open as usual on Monday.

Renault halted production at some factories to stop the virus from spreading, a spokesman said Saturday, while Nissans U.K. vehicle plant in Sunderland, in northeast England, was affected without causing any major impact on business, an official said. "To keep the world safe, these things have to be done".

The ransomware attack was particularly malicious, because if just one person in an organization clicked on an infected attachment or bad link, all the computers in a network would be infected, said Vikram Thakur, technical director of Symantec Security Response.

"We have reached a turning point where it is not sustainable for governments to think they can retain vulnerabilities for very long", said Ari Schwartz, who oversaw technology security issues at the National Security Council during the Obama administration.