'WannaCry' worms its way worldwide
Windows computers around the world have been hit by ransomware based on exploits developed by the US Government.
The ‘WannaCrypt’ ransomware worm is spreading, infecting out-of-support Windows XP, Windows 8, and Windows Server 2003 operating systems where it is able to encrypt files on victims' computers with a 2048-bit AES algorithm, and then fill the screen with demands for a ransom of up to US$600 payable in Bitcoin.
WannaCrypt uses two exploits leaked by the ShadowBrokers hackers earlier this year.
The exploits were developed by the US National Security Agency - code named ETERNALBLUE and DOUBLEPULSAR - to target the Windows Server Message Block (SMB) version 1 file-sharing protocol.
The worm infects unpatched Windows computers that respond to SMBv1 requests over networks.
In Australia, the Prime Minister's cybersecurity adviser Alastair MacGibbon says critical infrastructure has not yet been damaged.
“We will see more victims here and that's very sad always,” Mr MacGibbon told the ABC.
“It's always bad for any businesses to be a victim of crime, but as a whole of nation we can be confident so far that we have missed the worst of this.
“We've seen no impact in the health system which is important, we've had no reports of any government agencies impacted by this.”
But Mr MacGibbon said the ransomware could be adapted.
“Unfortunately, there are some very smart and bad people out there who spend their times trying to make things worse for us, and this is not game over for us,” he said.
“We have seen no spike in accounts, so that gives us some hope that when we turn on our computers in Australia we won't see a huge spike.”