Europol: There's no 'kill switch' for malware attack
Posted June 28
Europol warned Wednesday that there's not yet a "kill switch" able to stop the cyberattack that has slammed businesses around the world.
The ransomware virus spread quickly beginning on Tuesday, shutting down entire computer networks and demanding users pay a ransom to get their files back.
"This is another serious ransomware attack with global impact, although the number of victims is not yet known," said Europol executive director Rob Wainwright. "It is a demonstration of how cybercrime evolves at scale."
The Moscow-based cybersecurity firm Group IB estimated that about 100 companies and organizations have been hit by the virus. The victims are spread around the globe and across different industries, including banking, transportation, energy and even candy.
They include big global brands like snack maker Mondelez, British advertising giant WPP and the real estate division of French bank BNP Paribas. Ukrainian companies and government agencies seem to have been hit particularly hard by the virus.
The ransomware infects computers and locks down their hard drives. It demands a $300 ransom in the anonymous digital currency Bitcoin.
Related: What is ransomware?
The email account associated with the ransomware has been blocked, so even if victims pay, they won't get their files back.
Law enforcement and cybersecurity experts agree that victims should never pay ransoms for such attacks.
"Do not pay," warned Europol on Wednesday. "You will not only be financing criminals, but it is unlikely that you will regain access to your files."
Related: Who's been hit?
Researchers said the ransomware virus is a worm that infects networks by moving from computer to computer.
It uses a hacking tool called EternalBlue, which takes advantage of a weakness in Microsoft Windows. Microsoft released a patch for the flaw in March, but not all companies have used it.
Related: Facebook hits 2 billion monthly users
EternalBlue was in a batch of hacking tools leaked earlier this year that are believed to have belonged to the U.S. National Security Agency.
Europol offered advice on how to protect computers that have not yet been infected:
Keep all apps and operating systems up-to-date on your electronic devicesBack-up your files and dataDo not click on attachments or links that come in suspicious or unexpected emails