A global cyber-attack using hacking tools believed to have been created by the US National Security Agency (NSA) has infected tens of thousands of computers in nearly 100 countries last week. It appears this could be the same cyber-attack that has crippled the Road Transport and Safety Agency (RSTA) and other institutions such as banks offering online services in Zambia. Online services have been severely disrupted in recent days.
The cyber-attack, which is classified as cyber-extortion, has disrupted services provided by hospitals, police departments, public transportation systems and utilities across the globe, including the United States and Europe.
Cyber-extortionists on Friday tricked victims into opening malicious malware attachments to spam emails that appeared to contain invoices, job offers, security warnings, and other legitimate files.
The ransomware then encrypted data on the computers, demanding payments of $300-$600 to restore access. Security researchers said they observed some victims paying via the digital currency bitcoin, though they did not know what percent had given in to the digital extortionists.
Researchers with security software maker Avast said they had observed 57,000 infections in 99 countries with Russia, Ukraine, and Taiwan the top targets. The most disruptive attacks were reported in Britain, where hospitals and clinics were forced to turn away patients after losing access to computers.
The hackers, who have not come forward to claim responsibility or otherwise been identified, likely made it a “worm”, or self-spreading malware, by exploiting a piece of NSA code known as “Eternal Blue”, which was released last month by a group known as the Shadow Brokers, researchers with several private cyber-security firms said.
“This is one of the largest global ransomware attacks the cyber-community has ever seen,” said Rich Barger, director of threat research with Splunk, one of the firms that linked WannaCry to the NSA.
The Shadow Brokers released Eternal Blue as part of a trove of hacking tools that they said belonged to the US spy agency.
On Friday, Russia’s interior and emergencies ministries, as well as the country’s biggest bank, Sberbank, said they were targeted. The interior ministry said on its website about 1,000 computers had been infected but it its cyber-security systems had localized and neutralized the virus.
It is high time that the Zambian Government invested heavily in cyber-security because cyber criminals now know they can hit everyone across the globe and therefore, ransomware attacks are most likely to worsen. They will start to target vulnerable nations, like Zambia, which may not be well prepared for such attacks.
Green Party of Zambia