The ransomware attack that began on Friday may have been slowed for the moment, but there are indications that another similar attack could occur as soon as Monday morning, according to Europol Director Rob Wainwright. In comments to the BBC, Wainwright confirmed that the cyberattack spread to 150 countries, victimizing thousands of people and firms.
The ransomware attack utilized a virus called WannaCry that blocked users from accessing data on affected systems. The virus demanded that those users pay a ransom of $300 in Bitcoin to regain control of their systems and data. Experts believe that WannaCry made use of the NSA’s EternalBlue exploit to launch its attacks on thousands of computers around the world. While Microsoft had released an update in March with a patch to address the problem, any computers that had not yet installed that update were vulnerable to attack.
The UK National Health Service was among those hardest hit, with officials estimating that as many as 70,000 different devices may have been impacted – including vital health care equipment like blood-storage refrigerators, MRI scanners, and critical computer systems. The attack led health care officials to divert ambulances and caused some patients to be turned away due to the severity of the disruption.
Initial BBC estimates suggest that the hackers may have met with little success from a ransom standpoint, receiving payments of only £22,080. If that estimate is true, then fewer than 100 of the victims acquiesced to the hackers’ demands. However, that number may grow in the days ahead.
Wainwright has acknowledged that Europol is actively collaborating with the U.S. Federal Bureau of Investigation and other international law enforcement agencies as they attempt to track down the persons or groups responsible for the attack. Meanwhile, he has also warned that a new version of the virus has apparently already been released. His agency is advising companies around the world to install their computer updates to help prevent a second wave of disruption when employees come back to work on Monday.
The good news is that Bitcoin has not received the level of negative press and blame that it has experienced in the aftermath of previous cyberattacks. Instead, most of the attention has been focused on the NSA exploit used in the attack, the actual threat posed to victims and vital systems, and the sheer magnitude of the event.