What is it?
Attackers, using a tool allegedly stolen from the U.S. National SecurityAgency, took advantage of flaws in Microsoft Windows systems to spread malware around the world on Friday. The “ransomware” encrypts files, effectively hijacking computer systems, and demands money, in the form of bitcoin, in exchange for decrypting them. Microsoft Corp. had issued a fix, or patch, for the flaw on March 14.
How big is it?
Kaspersky Lab, an antivirus vendor, said it has tracked 45,000 instances of the attack, dubbed WannaCry, in 74 countries around the world, mostly in Russia. Other hot spots include Ukraine, India and Taiwan. Computer security experts say, however, the virus’s spread has been contained by the actions of a private security researcher who found a “kill switch” inside the virus.
Who has been hit?
Victims include Britain’s National Health Service, FedEx Corp., car makers Nissan Motor Co. and Renault SA, Germany’s biggest train operator as well as Russian banks. China state media reported early Saturday that some gas stations and universities have been affected.
Has anyone paid the ransom?
It is impossible to say. Screenshots of affected computers indicate hackers are asking for as little as $300 in bitcoin from affected users. The chief data officer at Telefónica, a Spanish telecom provider hit by the virus, said in a personal blog post that a bitcoin account associated with the attackers shows they haven’t “achieved much real impact.” That account had received only 25 payments by midafternoon Saturday in Europe. It is very likely though that the attackers used many accounts. U.K. Home Secretary Amber Rudd told the British Broadcasting Corp. that the government has advised the NHS not to pay.