Top Banner

Latest News Slider

Dubai Supreme Council of Energy discusses waste-to-energy strategies

H.H. Sheikh Ahmed bin Saeed Al Maktoum, chairman of the Dubai Supreme Council of Energy presided the 69th meeting held virtually. Saeed Mohammed Al Tayer, vice chairman of the Dubai…

UAE: A hub for digital economy

Adopting the UAE digital economy strategy, His Highness Sheikh Mohammed bin Rashid Al Maktoum said that the goal over the next 10 years is to increase the contribution of this…

ADDC and Abu Dhabi University to advance innovation in utility sector

The Abu Dhabi Distribution Company (ADDC), a subsidiary of Abu Dhabi National Energy Company (TAQA Group), has signed a memorandum of understanding (MoU) with Abu Dhabi University (ADU) to accelerate…

Enough with Covid19

The Corona virus-laden two years drastically transformed how the world operated and functioned. Both governments and their citizens were compelled to go through circumstances that had not been figured in…

UAE to have world's first regulated carbon trading and clearing house

The world’s first fully regulated carbon trading exchange and carbon clearing house is set to be established in Abu Dhabi, the capital of the UAE.

MMP SCWF 728x90

Global “WannaCry” malware attack hits Telefónica, UK’s NHS and more

Star InactiveStar InactiveStar InactiveStar InactiveStar Inactive

The virus swept across Europe and Asia, locking up critical systems like the UK's National Health Service (NHS), Spain's Telefónica telecommunications company, and other business and institutions around the world. Russia was hit particularly hard by the virus. Victim's computers, once infected, displayed a message demanding the equivalent of around $300 in bitcoin, according to reports.

Telefónica faced an 85 percent computer shutdown after the hackers infiltrated its systems demanding $550,000 in bitcoin. The hack resulted in most staff reportedly abandoning their positions as nine out of ten company machines were infected. The hackers demanded a payment of $300 per machine, roughly equal to 300 bitcoins currently worth around 510,000 euros.

Russia's Interior Ministry announced that its computers had been infected with the malware on Friday. Some 1,000 Windows-operated computers were affected, which is less than one percent of the total number of such computers in the ministry, said spokesperson Irina Volk in a statement. The servers of the ministry haven't been affected, the spokesperson added, saying it's operated by different systems for Russia-developed data processing machines.

Russian telecoms giant Megafon was also affected by the virus. The company's spokesperson Pytor Lidov said Megafon's internal network had been affected, adding that in terms of the company's customer services, the work of the support team had been temporarily hindered, "as operators use computers" to provide their services. Lidov said the company took immediate appropriate measures, and said the virus didn't affect subscribers' devices or Megafon signal capabilities.

The attack was eventually thwarted by a malware analysis expert who calls himself MalwareTech who stumbled across a way to stop it by locking computers and slowing its spread. One of the first things that slowed the virus was a rare emergency patch released by Microsoft to help protect Windows XP devices from the virus' reach (even though the company hasn't officially supported XP since 2014).

The other strike of hope came from MalwareTech, who was working to reverse-engineer samples of the WannaCry virus on Friday, when he discovered that the ransonware's programmers had built it to check whether a certain gibberish URL led to a live web page, WIRED reported. MalwareTech wondered why the ransomware would look for that domain, so he registered it himself. Luckily that $10.69 investment was enough to shut down the entire operation.

As long as the domain was unregistered and inactive, the query had no effect on the ransomware's spread, the report explains. But once the ransomware checked the URL and found it active, it stopped. Analysts such as Darian Huss, senior security research engineer at the security intelligence firm Proofpoint, believe that the functionality was put in place as an intentional kill-switch, in case the hackers wanted to halt their virus spread.

"Based on the behavior implemented in the code, the kill-switch was most likely intentional," he said. MalwareTech believes that the hackers might have included the feature to shield the ransomware from analysis by security professionals.