A new vulnerability has been found in widely used software, leading to fears of another cyber attack on the scale of the recent WannaCry breach.
A few weeks ago, the UK’s National Health Service (NHS) and around 300,000 computers worldwide were taken down by a cyber attack in the form of malicious software being used to ransom computer files.
Access to files was denied unless a Bitcoin ransom worth $300 was paid.
Cyber security specialists believe there is evidence to link North Korean hackers with the attack.
Now, it appears the US department of homeland security has found a new vulnerability, which if exploited, could take control of an affected computer. It has urged users and administrators to patch up the hole.
Rebekah Brown, from cybersecurity company Rapid7, told Reuters it had found more than 100,000 computers running vulnerable versions of the free networking software, named Samba, developed for Linux and Unix computers. Rapid7’s researchers found a hole and developed malware for it in only 15 minutes.
This one seems to be very, very easy to exploit.
In particular, most of the computers found were running older versions of the software that couldn’t be patched, which was a characteristic of the WannaCry hack too.
The WannaCry hack shocked the world, mainly because it was the biggest ransomware attack to happen globally, and its effects are still being felt.
Blockchain intelligence company Elliptic is tracking the payments that have come to three Bitcoin addresses known to be associated with the attack that took place on 12 May.
So far, $133,636.03 has been made from the computers that were attacked.
The latest payment was made today, 25 May, nearly two weeks after the attack which demonstrates how far-reaching it has been – and for the hackers, how successful.
When the hack hit the NHS computers, it affected x-ray imaging systems, pathology test results, phone and bleep systems and patient administration systems at hospitals up and down the country.
Teleco companies in Europe, including Spanish-based Telfonica and Vodafone’s Spanish unit were affected. As well, energy company Iberdrola, which owns the UK-based company Scottish Power, was hit too.
When critical infrastructure such as this is compromised in a hack, particularly one that stretches across the globe, it demonstrates that companies need to ensure that they are doing enough to protect their own infrastructure from attacks such as this.