British hospitals +French carmaker's factories +US National Security Agency +Ransomware +LONDON: Cyber security experts rushed to restore systems on Saturday after an unprecedented global wave of cyberattacks that struck targets ranging from Russia's banks toand aThe hunt was on for the culprits behind the assault, which was being described as the biggest cyber ransom attack ever.Mikko Hypponen, chief research officer at the Helsinki-based cyber security company F-Secure, told AFP that the attack was "the biggest ransomware outbreak in history", saying that 130,000 systems in more than 100 countries had been affected.He said that Russia and India were hit particularly hard, in large part because the older Windows XP operating software is still widely used in the countries.State agencies and major companies around the world were left reeling by the attacks which blocked access to files and demanded ransom money, forcing them to shut down their computer systems. "On Saturday, a cyber security researcher told AFP he had accidentally discovered a "kill switch" that could prevent the spread of the ransomware.The researcher, tweeting as @MalwareTechBlog, said that the discovery was accidental, but that registering a domain name used by the malware stops it from spreading. Computers already affected will not be helped by the solution.But @MalwareTechBlog warned that the "crisis isn't over" as those behind it "can always change the code and try again".The malware's name is WCry, but analysts were also using variants such as WannaCry.Britain's National Cyber Security Centre and its National Crime Agency were looking into the UK incidents, which disrupted care at National Health Service facilities, forcing ambulances to divert and hospitals to postpone operations.Pictures on social media showed screens of NHS computers with images demanding payment of $300 (230 pounds, 275 euros) in Bitcoin, saying: "Ooops, your files have been encrypted! "It demands payment in three days or the price is doubled, and if none is received in seven days the files will be deleted, according to the screen message.becomes particularly nasty when it infects institutions like hospitals, where it can put people's lives in danger," said Kroustek, the Avast analyst.A hacking group called Shadow Brokers released the malware in April claiming to have discovered the flaw from the NSA, Kaspersky said.Although Microsoft released a security patch for the flaw earlier this year, many systems have yet to be updated, researchers said. "Unlike most other attacks, this malware is spreading primarily by direct infection from machine to machine on local networks, rather than purely by email," said Lance Cottrell, chief scientist at the US technology group Ntrepid.Some said the attacks highlighted the need for agencies like the NSA to disclose security flaws so they can be patched.G7 finance ministers meeting in Italy discussed the attacks and were expected to commit to stepping up international cooperation against a growing threat to their economies.

Source: Times of India May 13, 2017 11:19 UTC