• 登入
  • 立即登記
logo
  • 電腦資訊
0
HK$0
  • 前往購物車
  • 主頁
  • 學校時間表
  • 網上練習及測驗
      • 中文智 Net 星
      • 英文智 Net 星
      • 數學智 Net 星
      • 常識智 Net 星
      • 暑期智 Net 升
      • 劍橋英語:基礎考試 - 網上練習
      • 劍橋英語:基礎考試 - 歷屆試題
  • 網絡保安及支援
      • 學校防火牆
      • 學校支援服務
      • 學校備份系統
      • 影片播放系統
      • 學校電郵系統
      • 學校雲端系統
      • Wifi 900
  • SSL 憑證安裝
  • NOD32
      • NOD32 防毒軟件
      • NOD32 防毒軟件(家用版)
  • Tech. Bulletin
  • eParent
  • 聯絡School Net

勒索軟件再次肆虐全球 造成動盪

Global ransomware attack causes turmoil

BBC News 2017-06-28 11:00:00
http://www.bbc.com/news/technology-40416611

Companies across the globe are reporting that they have been struck by a major ransomware cyber-attack.


British advertising agency WPP is among those to say its IT systems have been disrupted as a consequence.

The virus, the source of which is not yet known, freezes the user's computer and demands an untraceable ransom be paid in the digital Bitcoin currency.

Ukrainian firms, including the state power company and Kiev's main airport, were among the first to report issues.

The Chernobyl nuclear power plant has also had to monitor radiation levels manually after its Windows-based sensors were shut down.

Interpol involvement


In a statement, the US National Security Council said government agencies were investigating the attack and that the US was "determined to hold those responsible accountable".

The US Department of Homeland Security advised victims not to pay the ransom, saying there was no guarantee that access to files would be restored.

The Russian anti-virus firm Kaspersky Lab said its analysis showed that there had been about 2,000 attacks - most in Ukraine, Russia and Poland.

The international police organisation Interpol has said it was "closely monitoring" the situation and liaising with its member countries.

Experts suggest the malware is taking advantage of the same weaknesses used by the WannaCry attack last month.

"It initially appeared to be a variant of a piece of ransomware that emerged last year," said computer scientist Prof Alan Woodward.

"The ransomware was called Petya and the updated version Petrwrap.

"However, now that's not so clear."

The malware hall of fame

WannaCry: Your questions answered

Kaspersky Lab reported that it believed the malware was a "new ransomware that has not been seen before" despite its resemblance to Petya.

As a result, the firm has dubbed it NotPetya. Kaspersky added that it had detected suspected attacks in Poland, Italy, Germany, France and the US in addition to the UK, Russia and Ukraine.

Andrei Barysevich, a spokesman for security firm Recorded Future, told the BBC such attacks would not stop because cyber-thieves found them too lucrative.

"A South Korean hosting firm just paid $1m to get their data back and that's a huge incentive," he said. "It's the biggest incentive you could offer to a cyber-criminal."

A bitcoin wallet associated with the outbreak has received several payments since the outbreak began. The wallet currently holds just over 3.5 bitcoins (£6,775; $8,670).

Cyber-attack: Is my computer at risk?

WannaCry: Your questions answered

An email address associated with the blackmail attempt has been blocked by German independent email provider Posteo.

It means that the blackmailers have not been able to access the mailbox.

Problems have also affected:

- the aircraft manufacturer Antonov, and two postal services - Russia's biggest oil producer, Rosneft - Danish shipping company Maersk, including its container shipping, oil, gas and drilling operations. A port in Mumbai is among those that has halted operations - a Pennsylvania hospital operator, Heritage Valley Health System, which reported its computer network was down, causing operations to be delayed - but it is not yet clear if it was subject to the same type of attack - US food giant Mondelez - whose brands include Oreo and Toblerone. A Cadbury factory in Tasmania, Australia is affected - Netherlands-based shipping company TNT, which said some of its systems needed "remediation" - French construction materials company St Gobain - US pharmaceuticals-maker Merck Sharp & Dohme - The local offices of the law firm DLA Piper - a sign in the firm's Washington DC office said: "Please remove all laptops from docking stations and keep turned off - no exceptions."

The attacks come two months after another global ransomware assault, known as WannaCry, which caused major problems for the UK's National Health Service.

Veteran security expert Chris Wysopal from Veracode said the malware seemed to be spreading via some of the same Windows code loopholes exploited by WannaCry. Many firms did not patch those holes because WannaCry was tackled so quickly, he added.

Those being caught out were also industrial firms that often struggled to apply software patches quickly.

"These organisations typically have a challenge patching all of their machines because so many systems cannot have down time," he said. "Airports also have this challenge."

Copies of the virus have been submitted to online testing systems that check if security software, particularly anti-virus systems, were able to spot and stop it.

"Only two vendors were able to detect it so many systems are defenceless if they are unpatched and relying on anti-virus," he said.

Ukraine seems to have been particularly badly hit this time round.

Reports suggest that the Kiev metro system has stopped accepting payment cards while several chains of petrol stations have suspended operations.

Ukraine's deputy prime minister has tweeted a picture appearing to show government systems have been affected.

His caption reads: "Ta-daaa! Network is down at the Cabinet of Minister's secretariat."

新聞分類

安全性及保安 軟件 硬件 手提電子產品 個人資料 科技 商業

新聞推薦

  • 最新更新
  • 相關類型

Creating strong passwrod

LADDERS 2019-05-30

放棄你以往所認知建立最強密碼的方法,並使用這個新的方法

targeting router

CNet 2018-04-17

美國和英國警告 俄羅斯黑客正瞄準數百萬台路由器

Wi-fi security flaw

BBC News 2017-10-23

Wi-Fi安全漏洞使"網絡設備面臨黑客攻擊的風險"

people-centric security

BBC News 2017-07-28

Facebook 呼籲,科技保安的發展應以人為本

ransomware attack

BBC News 2017-06-28

勒索軟件再次肆虐全球 造成動盪

Whole internet

BBC News Technology 2013-03-21

全球互聯網的不安全設備探測

Shared attack code

BBC News 2016-10-25

由於攻擊代碼在網上分享所引發的網絡攻擊恐慌

Passport Scam

BBC News 2016-09-13

Facebook 「入侵」受害者 揭發假護照騙局

Security flaw in router

TNW News 2015-05-22

在路由器常見的驅動程式找到的安全性漏洞可能危及連接的硬件

Tackle intruders

BBC News Technology 2015-11-06

如何捉住網路入侵者

聯絡 School Net

  • 關於School Net
  • 九龍灣宏光道1號億京中心A座1O樓D室

  • Whatsapp 支援:+852 9025-1174
    銷售熱線:+852 2583-2675
    傳真:+852 3020-2695

  • info@schoolnet.hk

辦公時間

  • 星期一至五(公眾假期除外)

  • 早上九時半至中午十二時半

  • 下午二時至下午五時

  • *如有特別安排,將於網站內公佈

政策及條款

  • 使用條款
  • 退貨及退款政策
  • 隱私政策及安全
  • 付運政策
  • 聯絡我們
  • 校網電郵