London [U.K.], May 13 : Hours after the malware that affected the National Health Service (NHS) England spread to as many as 74 countries, the United States Department of Homeland Security (DHS) released a statement saying it was "aware of reports of ransomware known as WannaCry affecting multiple global entities." The DHS noted that Microsoft released a patch in March that addresses this vulnerability, adding, "individual users are often the first line of defence against this and other threats, and we encourage all Americans to update your operating systems and implement vigorous cybersecurity practices at home, work, and school," The Guardian reports.
The DHS said it was also "actively sharing information related to this event and stand ready to lend technical support and assistance as needed to our partners, both in the United States and internationally." The agency further said it was working with chief information officers in other U.S.
federal departments to ensure "our own networks are protected against the threat." Earlier, a security expert at Surrey university claimed that the malware resembled an exploit of 'EternalBlue'.
'EternalBlue' is the name given to a weakness in Microsoft's security that is thought to have been identified secretly by the United States National Security Agency (NSA).
"From the analysis that has been done, it looks like it is the 'EternalBlue' weakness that has been exploited because it is using the same ports and protocols.
We don't know publicly if it is the NSA (that found the vulnerability) but it is widely assumed it is and that is what Shadow Brokers said," The Guardian quoted Prof.
Alan Woodward, as saying. This particular vulnerability was publically disclosed by a group calling itself Shadow Brokers, which claimed to have stolen it from the NSA, among a cache of files it took.
Meanwhile, Kaspersky Lab, a cybersecurity company based in Moscow, published a blog post in which it estimates that 45,000 attacks have been carried out in 74 countries, mostly in Russia.
It added that the totals could be "much, much higher." Earlier, a number of hospitals across England were forced to divert emergency patients after being hit by a suspected cyber attack.
Attacks then began being reported across many other countries, including Turkey, Vietnam, the Philippines, Japan, the U.S., China, Spain, Italy and Taiwan with the majority of affected computers in Russia.
The computers all appeared to be hit with the same ransomware, and similar ransom messages demanding about (Dollar) 300 to unlock their data, The New York Times reported.
Source: ANI
