Cyberattack Hits Ukraine Then Spreads Internationally
“The more bureaucratic an organization is, the higher chance it won’t have updated its software.”
Because the ransomware used at least two other ways to spread on Tuesday — including stealing victims’ credentials — even those who used the Microsoft patch could be vulnerable
and potential targets for later attacks, according to researchers at F-Secure, a Finnish cybersecurity firm, and others.
The new attack used the same National Security Agency hacking tool, Eternal Blue,
that was used in the WannaCry episode, as well as two other methods to promote its spread, according to researchers at the computer security company Symantec.
The attack is “an improved and more lethal version of WannaCry,” said Matthieu Suiche, a security researcher who
helped contain the spread of the WannaCry ransomware when he created a kill switch that stopped the attacks.
needs to take a leadership role in working closely with security and operating system platform vendors such as Apple and Microsoft to address the plague
that they’ve unleashed,” said Golan Ben-Oni, the global chief information officer at IDT, a Newark-based conglomerate hit by a separate attack in April that used the agency’s hacking tools.
At Kiev’s central post office, a few bewildered customers milled about, holding parcels
and letters, looking at a sign that said, “Closed for technical reasons.”
The hackers compromised Ukrainian accounting software mandated to be used in various industries in the country, including government agencies
and banks, according to researchers at Cisco Talos, the security division of the computer networking company.
