On the evening of May 12, Beijing time, the new “worm” ransomware broke out WannaCry around the world, attacking governments and public network systems of various countries, and many schools and hospitals were seriously harmed. China’s education network has become the hardest hit area of hacker invasion, and the teaching system has been paralyzed in a large area.
Large-scale cyber attacks are believed to have spread around the world using the “Eternal Blue” hacker weapon leaked by the US National Security Agency (NSA). The ransomware named WannaCry locks computer systems of tens of thousands of information service networks in nearly 100 countries including Britain, the United States, China, Russia, Spain and Italy, and require users to pay $300 in bitcoin. Great price! Bitcoin has risen to 1800 dollars, and it seems that it cannot be redeemed.
According to the latest research data exclusively obtained by the first financial reporter, 26 million college students have been blackmailed by the software, and 8 million fresh graduates are trapped in the “crisis of silk industry”. However, a source in the field of network security told the first financial reporter: “The total number of graduates in China is only 8 million, and it is impossible to be blackmailed. The reliability of this data remains to be verified.” But he admitted that this large-scale hacker incident was quite serious. “Many government departments in China are interconnected with education networks and brought to them.” The security expert further told the first financial reporter, “if a similar virus breaks out on a large scale on the mobile phone, Alipay will explode.”
British medical system crash
The NHS, the national medical system of Britain, is most affected by the WannaCry procedure. The outpatient service of major hospitals and doctors in Britain has been canceled and the ambulance has been temporarily transferred back. This has had a direct impact on hundreds of thousands of patients in Britain. “We cannot access the patient’s medical record, prescription and appointment system.” Doctors at the British National Hospital said in Twitter, “This is a matter of human life.”
Russia’s interior minister said that Russia had locked the virus after a large area of hacker attacks on personal computers of Microsoft’s Windows operating system. In Germany, the computer of the ticketing system of the National Railway was also attacked. In Italy, the same hacker attack occurred in the Computer Laboratory of the university.
The network systems of Spanish companies, including Spanish telecom giant Telefonica, power company Iberdrola, and energy supplier Gas Natural, are also paralyzed. Portuguese telecom, American transportation giant FedEx, a local government in Sweden and Russia’s second largest mobile telecom carrier Megafon have all revealed relevant hacker attacks.
In China, the campus network in China is infected in a large area. Many computer files of teachers and students are encrypted by viruses, and can only be recovered by paying ransom. Data show that on the night of May 12, China was attacked about 4,000 times per hour during the peak period of campus network. At present, it is the graduation season of colleges and universities, and the blackmail virus has caused some graduation papers of fresh graduates to be encrypted and tampered.
According to Avast, a network security company, more than 75000 extortion cases have occurred worldwide. “The impact is huge.” Avast expert Jakub told the first financial reporter Kroustek, “The ransomware version has arrived.” Researchers said that there were links between the attacked systems, but this did not look like an organized attack against specific targets.
Tencent Yunfang said to the first financial reporter: “For users who have been affected at present, Tencent suggests to back up important unencrypted data and carry out reinstallation.” Tencent related persons also revealed to the first financial reporter that as early as May 6, this virus called WannaCry had been found on Tencent’s public cloud, however, the Windows image provided by Tencent Cloud official website has been updated on April 20. By default, the latest patch has been installed, so it is not affected by the ransomware virus.
Experts from the public science and technology security attack and defense Laboratory told the first financial reporter: “The main reason for such a large-scale hacker attack is that the computer did not install patches and updates in time and was attacked by the vulnerability exploitation program. After success, the attacker said that the files on the computer were encrypted and demanded a ransom. Attackers have further implanted malicious programs such as remote access trojans and virtual currency mining.”
Last month, a group of hackers called The Shadow Brokers claimed to have stolen The hacker tool and posted it online. Microsoft has repaired vulnerable systems in March this year, but many systems have not been updated in time, leading to this global hacker disaster.
China Education Network has been invaded in a large area
Some security experts said that the global spread of the virus was spread through worms. Unlike many other malware that require manual virus implantation, worms can spread themselves among computer systems. Once the worm enters a computer system, it will track the vulnerable computers that are not well protected and infect them. Therefore, the network that Chinese government departments communicate with the education network has also been attacked by the virus.
This also explains why computers in public systems such as China’s education network and Britain’s NHS medical system are attacked on such a large scale, because usually the maintenance and protection measures of computers in these institutions are relatively weak.
According to analysis, worms transmitted through port 445 of Windows have appeared many times in China. In this regard, some operators blocked port 445 for individual users. However, the domestic education network is not limited, and there are still a large number of computers exposed to port 445, thus becoming the hardest hit area of hacker attacks.
The momentum of ransomware attacks has emerged since last year. According to an annual data destruction report Verizon, the number of companies around the world attacked by ransomware increased by 50% last year. The report found that malware accounted for more than half of all network attacks by analyzing 2,000 network damage cases, of which more than 60% were enterprises with fewer than 1,000 employees. The report also said that some companies’ payment systems were targeted by hackers and updated.
Marc Verizon, senior manager of the Spitler security research department, said: “successful ransomware attacks will also spread on a large scale. This is because many malicious hacker organizations have widely adopted this strategy. The purpose of ransomware is to extort money from every infected device.”
Another report by cyber security company Symantec shows that the average amount paid by victims for ransomware has increased to $1077. Generally speaking, ransomware is more direct to consumers and very careful to attack enterprises. Spitler said: “Hackers will go deep into the company’s network infrastructure to find key data, spread the virus, and finally ask them to pay.”
Spitler also said that the good news is that some industries that were attacked by hackers in the past have taken protective measures, and the number of attacks has decreased significantly. He said that although users basically have no way to prevent the spread of the virus after the computer is infected with the virus, the organization still has many preventive protection measures to do, such as setting up protective walls, installing anti-virus software, apply for file filters, run external invasion monitoring software, and regularly update system software. However, like anything else, 100% secure computer systems do not exist.
2773
On the evening of May 12, Beijing time, the new “worm” ransomware broke out WannaCry around the world, attacking governments and public network systems of various countries, and many schools and hospitals were seriously infringed. China’s education network has established hackers to invade the hardest hit areas, teaching