Brand owners around the world are bracing themselves for a fresh wave of ransomware attacks following warnings that the WannaCry virus could spring back to life as workers return to the office.
Much of the media coverage has concentrated on the NHS, but the attack has so far hit over 100,000 organisations in 150 countries, including telecoms giant Telefonica, FedEx, Renault, Hitachi, Nissan and Germany’s rail network Deutsche Bahn.
However, it is feared that many firms will keep quiet about whether they have been hacked and simply pay up.
Cybersecurity company Herjavec Group predicted that the total cost of damages related to attacks using file-locking software reached $1bn in 2016, but this particular attack is unprecedented, largely because the ransomware was combined with worm-like functionality that allowed the infection to spread rapidly from PC to PC.
After the impact of the first ransomware attack waned, a second wave was launched that increased the impact further.
Tenable Network Security EMEA technical director Gavin Millard said: “With the success of the initial infection of WannaCry, it wouldn’t be at all surprising to see the next iteration released soon. Although there has been a significant amount of interest in the media and inescapable coverage of the outbreak, many systems will still be lacking the patch required to mitigate the threat.”
The UK’s National Cyber Security Centre said: “It is important to understand that the way these attacks work means that compromises of machines and networks that have already occurred may not yet have been detected, and that existing infections from the malware can spread within networks.
“This means that as a new working week begins it is likely, in the UK and elsewhere, that further cases of ransomware may come to light, possibly at a significant scale.”
The NCSC said there had been attempts to attack organisations beyond the NHS and that it was “absolutely imperative” any organisation that believes it may be affected follows and implements the correct guidance.
The agency also said companies should back up the data that matters because “you can’t be held to ransom for data you hold somewhere else”.
Meanwhile, Microsoft has blamed governments for storing information on software vulnerabilities which could then be accessed by hackers. It claimed the latest virus exploits a flaw in Microsoft Windows which was identified by US intelligence services and stolen from them.
Microsoft president and chief legal officer Brad Smith said: “We have seen vulnerabilities stored by the CIA show up on WikiLeaks, and now this vulnerability stolen from the NSA has affected customers around the world.
“An equivalent scenario with conventional weapons would be the US military having some of its Tomahawk missiles stolen. The governments of the world should treat this attack as a wake-up call.”