Calls grow for NSA to help battle ransomware attacks
NEW ATTACK USED SAME NSA HACKING TOOL, ETERNAL BLUE, USED IN WANNACRY EPISODE
C omputer systems from Ukraine to the United States were struck Tuesday in an international cyberattack that was similar to a recent assault that crippled tens of thousands of machines worldwide.
In Kiev, the capital of Ukraine, ATMs stopped working. About 80 miles (129km) away, workers were forced to manually monitor radiation at the old Chernobyl nuclear plant when their computers failed. And tech managers at companies around the world, from Maersk, the Danish shipping conglomerate, to Merck, the drug giant in the United States, were scrambling to respond. Even an Australian factory for chocolate giant Cadbury was affected.
It was unclear who was behind this cyberattack, and the extent of its effect was still hard to gauge Tuesday.
It started as an attack on Ukrainian government and business computer systems. The attack spread from there, causing collateral damage around the world.
The outbreak was the latest and perhaps the most sophisticated in a series of attacks making use of dozens of hacking tools that were stolen from the National Security Agency and leaked online in April by a group called the Shadow Brokers.
Like the WannaCry attacks in May, the latest global hacking took control of computers and demanded digital ransom from their owners to regain access.
The new attack used the same NSA hacking tool, Eternal Blue, that was used in the WannaCry episode, as well as two other methods to promote its spread, according to researchers at the computer security company Symantec.
NSA fails to acknowledge
A spokesman for the NSA referred questions about the attack to the Department of Homeland Security. The NSA has not acknowledged its tools were used in WannaCry or other attacks. But computer security specialists are demanding that the agency help the rest of the world defend against the weapons it created.
“The NSA needs to take a leadership role in working closely with security and operating system platform vendors such as Apple and Microsoft to address the plague that they’ve unleashed,” said Golan Ben-Oni, the global chief information officer at IDT, a Newark, New Jersey-based conglomerate hit by a separate attack in April that used the agency’s hacking tools. BenOni warned federal officials that more serious attacks were probably on the horizon. The vulnerability in Windows software used by Eternal Blue was patched by Microsoft in March, but as the WannaCry attacks demonstrated, hundreds of thousands of groups around the world failed to properly install the fix.
Ukrainian officials pointed a finger at Russia on Tuesday, although Russian companies were also affected.
In USA, DLA Piper, the multinational law firm, also reported being hit. Hospitals in Pennsylvania were being forced to cancel operations after the attack hit computers. The ransomware also hurt Australian branches of international companies.
Computer specialists said the ransomware was very similar to a virus that emerged last year called Petya. Petya means “Little Peter,” in Russian, leading some to speculate the name referred to Sergei Prokofiev’s 1936 symphony Peter and the Wolf, about a boy who captures a wolf.