An increase in activity of the malware was noticed starting from 8am CET (07:00 GMT) Friday, security software company Avast reported, adding that it “quickly escalated into a massive spreading.”
Dozens of countries around the globe have been affected, with the number of victims still growing, according to the Russian multinational cybersecurity and anti-virus provider, the Kaspersky Lab.
The ransomware, known as WanaCrypt0r 2.0, or WannaCry, is believed to have infected National Health Service (NHS) hospitals in the UK and Spain’s biggest national telecommunications firm, Telefonica.
Britain and Spain are among the first nations who have officially recognized the attack. In Spain, apart from the telecommunications giant, Telefonica, a large number of other companies has been infected with the malicious software, Reuters reported.
The virus is said to attack computers on an internal network, as is the case with Telefonica, without affecting clients.
‘Militarization of cyberspace going out of control’: IT experts talk WannaCry ransomware hackstorm (Op-Edge) https://on.rt.com/8bjg
‘Militarization of cyberspace going out of control’: IT experts talk WannaCry ransomware hackstorm…
The WannaCry ransomware that has infected tens of thousands of Windows operating systems across the globe spread like wildfire because of the NSA exploit, security experts agree, noting the threats…
Computers at Russia’s Interior Ministry have been infected with the malware, the ministry said Friday evening.
Some 1,000 Windows-operated PCs were affected, which is less than one percent of the total number of such computers in the ministry, spokeswoman Irina Volk said in a statement. The virus has been localized and steps are being taken to eliminate it.
The servers of the ministry have not been affected, Volk added, saying it’s operated by different systems for Russia-developed data processing machines.
“Several” computers of Russia’s Emergency Ministry had also been targeted, its representative told TASS, adding, that “all of the attempted attacks had been blocked, and none of the computers were infected with the virus.”
Russian telecom giant, Megafon has also been affected.
“The very virus that is spreading worldwide and demanding $300 to be dealt with has been found on a large number of our computers in the second half of the day today,” Megafon’s spokesperson Pyotr Lidov told RT.
The internal network had been affected, he said, adding that in terms of the company’s customer services, the work of the support team had been temporarily hindered, “as operators use computers” to provide their services.
The company immediately took appropriate measures, the spokesperson said, adding that the incident didn’t affect subscribers’ devices or Megafon signal capabilities in any way.
British Prime Minister Theresa May has said the cyberattack on UK hospitals is part of a wider international attack.
In Sweden, the mayor of Timra said “around 70 computers have had a dangerous code installed,” Reuters reported.
According to Avast, the ransomware has also targeted Ukraine and Taiwan.
The virus is apparently the upgraded version of the ransomware that first appeared in February. Believed to be affecting only Windows operated computers, it changes the affected file extension names to “.WNCRY.”
It then drops ransom notes to a user in a text file, demanding $300 worth of bitcoins to be paid to unlock the infected files within a certain period of time.
While the victim’s wallpaper is being changed, affected users also see a countdown timer to remind them of the limited time they have to pay the ransom. If they fail to pay, their data will be deleted, cybercriminals warn.
According to security experts, the ransomware exploits a vulnerability that was discovered and developed by the National Security Agency. The exploit was leaked by a group calling itself the Shadow Brokers, that has been distributing the stolen NSA hacking tools online since last year.
Canada forces missed targets in Iraq 17 times, no reasons or timeline given – report
A former Canadian commander told the journalist-led transparency project, AIRWARS, that there could have been civilian casualties in those off-target strikes.
CBC News obtained heavily redacted documents from one of the missions which said the weapon simply “malfunctioned” in that case, falling into an open field and going off.
That mission took place when Iraqi security forces were fighting Islamic State (IS, formerly ISIS/ISIL) fighters outside Kirkuk, Iraq in November 2015.
All in all, 17 bombs out of the 606 dropped went off course during the 16-month Canadian air campaign in Iraq, including a small number in Syria.
According to the Canadian air force, there is “no information” about any killed or wounded civilians.
There were other blank spots too. For instance, DND didn’t give CBC News any timeline of the misfires and didn’t provide a reason.
“No weapons system, is 100 percent accurate. On rare occasions, weapons systems are affected by meteorological conditions or experience malfunctions,” Maj. Isabelle Bresse, a spokesperson for the overseas command, told the news outlet in an email.
The documents obtained by CBC, including briefing notes and media strategy lines, showed how the Defence Department tried to bury the episode in Kirkuk.
CBC also notes that although local Iraqi media reported on a separate airstrike the next day – which reportedly killed between five and 13 civilians – there is no indication whether a bomb “malfunction” played a role in the incident which saw an ISIS munitions factory and part of a nearby dairy destroyed.
“There was a weapon malfunction experienced by [redacted] that resulted in this weapon failing to hit the intended target,” said a November 20, 2015, report, obtained by CBC News, apparently referring to the first Kirkuk incident.
“After a close review of the imagery from [redacted] at this time, it unlikely that any [collateral damage] or injury to civilians occurred as a consequence of this weapons malfunction.”
A week later, another report indicated that no reason had been determined for the malfunction.
At the same time, the entry about the mission on the DND website was changing. The initial post said the fighter bomber “successfully struck three separate ISIS fighting positions” near Kirkuk and Mosul, while the revised version changed that to “two” raids near Mosul.
The issue of potential civilian casualties isn’t completely off the table, according to AIRWARS.
“As I understand it Canada’s position is not that it didn’t kill any civilians — only that it’s not aware of having killed any. A subtle, though, important distinction,” said Chris Woods, the director of UK-based Airwars.
His statement was backed by Brig.-Gen. Lise Bourgon, a 2015 Iraqi mission commander, who said, “For the six months that I was there, I can tell you that I saw no evidence that there were civilian casualties in a strike that [occurred] when I was there.”
She added, though, “Am I telling you that I can guarantee that there was not a civilian casualty? I’m not going to guarantee that.”
WikiLeaks trolls Trump hard over president’s ‘Comey tapes’ tweet
“James Comey better hope that there are no ‘tapes’ of our conversations before he starts leaking to the press,” Trump tweeted on Friday, to which WikiLeaks fired a swift call-to-arms response.
Trump fired Comey from his position as FBI director Tuesday. Comey had been leading an investigation into allegations the Trump election campaign colluded with Russia.
In an interview with NBC Thursday he said, “this Russia thing” was on his mind when he fired Comey, but claimed the main reason was due to the condition of the FBI, which he claimed was “in turmoil.”
The president’s latest comments came in a series of tweets where he also warned of possible new White House protocols following criticism of his media “surrogates.” Trump asked if he should cancel all press briefings and instead hand out “written responses for the sake of accuracy?”
Just not possible for my team to be accurate in press briefings – Trump https://on.rt.com/8bgr
Just not possible for my team to be accurate in press briefings – US president — RT America
US President Donald Trump has suggested cancelling future press briefings in favor of written statements from his administration because of media complaints about lack of “accuracy” of his “surroga…
WikiLeaks, which released the latest instalment in its #Vault7 series of leaks about alleged CIA malware ops on Friday, is no stranger to trolling.
In March it posted a link to a CIA internship program asking, “Whistleblowing opportunity?”