On Monday, when millions of workers are ramping up their Windows machines, the cyber-attack could go into new dimensions.
The Ransomware “WannaCry” should have already arrived in countless computers and will spread like a computer worm after the ramp up of the systems.
The result: millions of computers are encrypted and only released for ransom.
It is probably the worst cyber-attack of all time, which has been running worldwide since the weekend. Since Friday evening the Ransomware WannaCry spreads on the Internet.
Windows systems below Windows 10, which are not up to date, are affected. Currently, 200,000 companies, systems and private individuals are to be affected in 150 countries.
Renault interrupts the production, the railway also affected
Large companies are also affected. Thus the systems of the German railways and their logistical village Schenker are affected.
Although the train traffic was not affected directly, but very much internal systems.
Train displays and ticket machines are hacked and no longer work.
In Great Britain, the computers of the national health care system NHS were affected, as some hospitals could no longer work, patients had to be relocated.
In France the Auto Bauer Renault has interrupted the production in several plants for safety reasons.
Even the Telefonica has WannaCry in the house
In Spain even the IT Company Telefonica is victims of the hacker attack. Surprisingly, even an IT company does not protect its systems sufficiently against Ransomware.
This is because the hackers used a security hole in Windows, which had been set up specifically for the NSA. This gap has all Windows operating.
However, Microsoft offered a security patch in March, but this was apparently not played by many Windows users.
Of Telefonica also not?
If they had better, WannaCry would not have had a chance. On Saturday, Microsoft has responded and has also made updates for systems on its servers, which are officially no longer used as Windows XP and Windows Server 2003.
WannaCry encrypts the data and requests ransom
But what exactly does the Kryptotrojaner do? WannaCry spreads by e-mail.
The ransomware encrypts the data of the computer when the e-mail is opened.
Then the blackmailers demand the payment of 300 dollars of ransom by the 15th of May in the form of bitcoins ,which again raises the question, why this cyber currency, which allows criminals in particular to postpone anonymous money, still exists?
Malicious software is spreading in company networks
If the affected parties do not pay until Monday, the ransom claim doubles to 600 dollars, until 19 May.
If not paid, the data of the computer should be deleted.
But even Windows users, who have sent the e-mail directly into the paper basket, are not out of the ordinary.
Apparently the software spreads in a company, as soon as it was opened on a single computer.
Afterwards, WannaCry tries to infect other computers, directly and without sending e-mails. In this respect, the software with the new working day could only really get in motion.
Meanwhile, the BKA has taken over the investigation in Germany. Government networks are reportedly not to be affected. What companies are affected in Germany is not yet clear.
The Federal Office for Information Security (BSI) asks all companies to report if they are affected.
BSI speaks of a wake- up call for the companies
The BSI advises companies to immediately check the Windows software on all computers. “The Microsoft software patch from March 14, 2017 (MS17-010) prevents the malicious software from spreading,” the BSI said.
In addition, the BSI has summarized the main points of what is to be done in a dossier, which can be downloaded from the BSI website.
Through the channels of CERT-Bund, UP KRITIS and Allianz for Cyber-safety, the BSI provides additional information and recommendations for business and administration.
BSI President Arne Schönbohm said in an open statement that the great impact of the Ransom ware is only possible because the Windows systems are not kept up to date.
The current attack he calls a wake-up call. “The current weakness has been known for months, and corresponding safety updates are available. We strongly advise you to put them in. ”
Also already affected hospitals in Germany
The fact that malicious software encrypts sensitive data and releases it again against ransom is not new.
Hospitals were also affected in Germany. Last year, a hospital in Arnsberg was attacked. Similar cases have already occurred in Cologne, Essen, Mönchengladbach and Kleve.