Derive Healthcare has been monitoring news all weekend about, according to reporting from Brian Fung of The Washington Post”, in the 5/14 article entitled, “Computer security experts fear second wave of ‘biggest ransomware attack ever’”, the “malicious ‘ransomware’ attacks that seized computers worldwide Friday and held those systems hostage…” According to the article, the attacks, which first affected Healthcare, “are likely to worsen this week as millions of people return to work — forcing them to discover the hard way whether they have been affected, security analysts said.”
Fung details that, “The software, which first affected Britain’s National Health Service before spreading to as many as 150 countries, locked down victims’ computers and threatened to delete their files unless they paid $300 in bitcoins. It primarily targeted users of Windows XP, an aging operating system for which Microsoft largely ended support in 2014.”
The article goes on to state that “a 22-year-old security researcher, who goes by @MalwareTechBlog on Twitter” discovered that the cyberattackers, “accidentally included a ‘kill switch’ in their software that would allow the owner of a particular website to stop the attack. By paying about $10 to acquire the domain name, the researcher was able to thwart the malware.”
"'If you looked at what the biggest trends all the security companies were highlighting at the beginning of the year, ransomware was in all of their lists,' said Peter Warren Singer, a technologist and senior fellow at the New America Foundation. He added that interventions by independent researchers such as @MalwareTechBlog highlight the benefits of supporting private hacking."
“If there is a lesson from that,” Singer said, it’s that “you want to enable security research and information exchange. You want the curiosity of the good guys to be unleashed as much as possible.”
Currently, public computers running Windows XP, and some large distributed systems in government also “interconnected,” according to the article, and running XP, could wake up today to “a nasty surprise.”
“‘The governments of the world should treat this attack as a wake-up call,’” according, as stated in The Washington Post article, to Microsoft chief legal officer Brad Smith. “They need to take a different approach and adhere in cyberspace to the same rules applied to weapons in the physical world.”
The Derive Healthcare team, in concert with our strategic alliance partners, are carefully monitoring calls, requests and automated reports -- wherein Derive supports and monitors firewalls, email gateways, servers, data, storage and backup systems, and end-user systems and images on a managed basis -- from our clients regarding security breaches and irregularities. We also recommend that any legacy users of Windows XP, or any other unsupported systems, modernize their baseline operating systems.
Contact a Derive Healthcare Security Specialist
Please contact a Derive Security Specialist as soon as possible with any questions or concerns by COMPLETING THE FORM ON THIS PAGE (please include "Derive Healthcare Ransomware Protection" in the comments), or by calling (212) 363-1111.