France’s aircraft manufacturer Airbus, European car factories such as French carmaker Renault and Nissan's car factory in Sunderland, United Kingdom, as well as Swedish engineering tools and tooling systems provider Sandvik were among those hit by the attack.
The attack occurred last Friday, and struck automotive and aircraft manufacturers; banks, hospitals and government agencies. The cyberattack exploited known vulnerabilities in Microsoft’s older computer operating systems which have not been updated to its current operating system.
Europol’s executive director Robert Wainwright said that there were at least 200,000 victims across 150 countries so far. Britain's National Cyber Security Centre echoed his sentiment by stating further cases are likely to occur and at a large magnitude.
A Renault spokesperson has confirmed that the company had shut down production in a few of its plants in France, Slovenia and Romania. A spokesperson from Nissan, Renault’s partner company, confirmed that files at its Sunderland factory were affected but did not confirm if its production was halted.
Sandvik’s computers which handle both production and administration were affected. The company’s head of external communications said that some of its production were halted, but did not confirm which of its plants had been affected, and that the company is assessing the situation.
The attack took the form of ransomware that is named “WannaCry”. The ransomware is a malicious software that encrypts data computers, then demands payment of US$300 in the virtual currency Bitcoin in return for decryption. Bitcoin allows anonymous transactions due to heavily encrypted codes.
Images appeared on victims' screens displaying the message "Ooops, your files have been encrypted!”. The attack is unique because it combines ransomware with a worm function, meaning once a single machine is infected, the entire internal network is scanned and other vulnerable machines are infected, according to Europol.
The worm targets a particular Windows vulnerability in older versions of Windows. Computers which have already been updated with Microsoft’s latest security patch were safe from the attacks.
Microsoft said the situation was "painful", and warns that the ransomware attack is a “wake-up call”. The company said governments and corporations should not have stored data on software which contained vulnerabilities, which could then be accessed by hackers.
A global manhunt is underway for the culprits behind the cyberattack.
APMEN News, May 2017