Earlier this summer, several large businesses and government facilities in North America and Europe were compromised in a worldwide cyberattack.
Large companies affected across Europe include the giant Danish shipping company, Maersk; the Russian energy giant, Rosneft; and the French construction company, Saint-Gobain. According to a report by The New York Times, American pharmaceutical giant Merck and DLA Piper, a law firm, were also targeted by the attacks.
Though not certain, experts believe the attacks started in Ukraine, when A.T.M.s stopped functioning the nation’s capital of Kiev. Eighty miles away, computers analyzing and monitoring radiation levels stopped working at the old nuclear power plant in Chernobyl, thus forcing workers here to monitor radiation levels manually. Next, the attacks spread and caused a ripple effect of global damage.
These cyberattacks, perhaps the most sophisticated of recent ones, are similar to the WannaCry attacks that occurred in May of 2017, experts indicate. The WannaCry cyber raids affected Windows users and many businesses; these computers of said users—like those in recent attacks—demanded their users provide digital payment to regain control of their computers.
Researchers at the computer security company Symantec said the recent attacks and the WannaCry attacks both involved many hacking tools created by the National Security Agency (N.S.A) called Eternal Blue, which were leaked online in April of 2017 by an organization called the Shadow Brokers. However, in the attacks that took place earlier this summer, two other methods were also used to promote the spread of the virus.
Computer specialists also say that the ransomware, an umbrella term for many kinds of malicious software, present in recent cyberattacks is a variant of one that emerged last year called “Petya.” Creators of Petya sold it on the “dark web.” Anyone who bought or used Petya could launch the software to take control of someone else’s computer and demand digital money to return control of said computer to its owner.
Increases in largescale, even worldwide cyberattacks like these have led individuals and businesses alike to wonder how they can protect themselves and their computers from hackers. In March of 2017, Microsoft released a patch that users can deploy to protect their computers against the vulnerability that Eternal Blue hacks to get into computer systems. Yet, the WannaCry attacks—which took place only months after the release of this patch—illustrated that many who purchased the patch did not install it correctly.
In addition to misuse of the patch, cyberattacks can be hard to prevent because authorities and security companies struggle to find the culprits behind them, not only because of the sheer amount of computer systems invaded in such attacks but also because of how hacks are executed.
As of yet, the N.S.A. has not admitted that its tools were used in the recent cyberattacks. Some computer specialists are angered by this and demand that the N.S.A. now help defend individuals and businesses against the tools that they manufactured.
But even if the N.S.A. denies accountability on this front, efforts are being made to prevent further attacks. For example, a spokesperson for Microsoft stated that the company’s most recent antivirus software should bar hackers from entering users’ computers.
Whether the most recent round of cyberattacks was a prima facie disruption or a mere distraction manufactured by hackers to mask a bigger objective, officials and cyber security agencies have yet to figure out the extent of the damage. They are still working to determine how many computer systems and businesses were affected. And, as of now, it is unclear if other businesses remain to be affected.
[Source: The New York Times]