A powerful ransomware cyber attack is spreading across the world, with major telecommunications company Telefonica having reportedly fallen victim to the attack.
The attack is appearing all over the world, but is appearing in high concentration in Spain.
The situation has reached such a severe level that IT staff are hurriedly telling employees to turn off their computers so as to prevent the malicious software from spreading any further, indicating the depth to which it has penetrated the company’s defences.
The ransomware cyber attack has been identified as version 2.0 of the WCry ransomware, otherwise known as WannaCry or WanaCryptor.
Version 2.0 has been discovered for the first time by security researcher MalwareHunter, with the previous version having been located and identified in February and March of this year. This indicates a quickly developing attack.
Jakub Kroustek, Threat Lab Team Lead at Avast said: “We have observed a massive peak in WanaCrypt0r 2.0 attacks today, with more than 36,000 detections, so far. An interesting observation we have made is that the attacks today are largely targeting Russia, Ukraine, and Taiwan. This attack once again proves that ransomware is a powerful weapon that can be used against consumers and businesses alike.”
This huge ransomware cyber attack comes shortly after the overall number of attacks in Q1 2017 had dropped compared to the end of last year; this massive attack shows that businesses and organisations cannot afford to let their guard down.
Fraser Kyne, EMEA CTO, Bromium: “This is a classic example of the kind of damage ransomware can do to a business. The fear of further infection has caused Telefonica to effectively create a quarantine zone and shut down its operations until further notice. While these measures do illustrate that the company is taking the threat seriously and is making efforts to stop the contagion from spreading, the response is far from ideal and could end up costing Telefonica a lot in lost productivity.”
The point made here by Mr Kyne emphasises the need for tight security, as well as an effective plan of action in the event of sustaining a major cyber attack.
Mr Kyne said: “At the heart of this problem lies yet another failing of the detect to protect approach to cybersecurity that we see so many organisations continue to rely on. Given that the vast majority of malware is only seen once before it morphs into something else, detection-based security will always be fundamentally flawed. Time and again, we will continue to see stories like this emerge; where the threat isn’t detected until it is too late.