Thursday, January 18, 2018
Business

Experts warn that Friday's cyberattack havoc could grow as new work week begins

LONDON — An unprecedented "ransomware" cyberattack that has already hit tens of thousands of victims in 150 countries could wreak even more havoc Monday as people return to their desks and power up their computers at the start of the work week.

Officials and experts on Sunday urged organizations and companies to update their operating systems immediately to ensure they aren't vulnerable to a second, more powerful version of the malicious software. The cyberattack paralyzed computers that run Britain's hospital network, Germany's national railway and scores of other companies and government agencies worldwide.

The attack, already believed to be the biggest online extortion scheme ever recorded, is an "escalating threat" after hitting 200,000 victims across the world since Friday, according to the head of Europol, Europe's policing agency.

"The numbers are still going up," he said. "We've seen that the slowdown of the infection rate over Friday night, after a temporary fix around it, has now been overcome by a second variation the criminals have released."

His concerns were echoed by James Clapper, former director of national intelligence under President Barack Obama. In an interview on ABC's "This Week," Clapper said the worry was "this ransomware attack will be even larger" as people return to their desks after the weekend.

The 200,000 victims included more than 100,000 organizations, Europol spokesman Jan Op Gen Oorth told the Associated Press. He said it was too early to say who was behind the onslaught and what their motivation was, aside from the obvious demand for money. So far, he said, not many people have paid the ransom demanded by the malware.

The attack held users hostage by freezing their computers, encrypting their data and demanding money through online bitcoin payment — $300 at first, rising to $600 before it destroys files hours later.

The effects were felt across the globe, with Britain's National Health Service, Russia's Interior Ministry and companies including Spain's Telefonica, FedEx Corp. in the U.S. and French carmaker Renault all reporting disruptions.

Chinese media reported Sunday that students at several universities were hit, blocking access to their thesis papers and dissertation presentations.

Had it not been for a young British cybersecurity researcher's accidental discovery of a so-called "kill switch," the malicious software likely would have spread much farther and faster.

The 22-year-old researcher known as "MalwareTech," who wanted to remain anonymous, said he spotted a hidden web address in the "WannaCry" code and made it official by registering its domain name. That move, which cost just $10.69, redirected the attacks to the server of Kryptos Logic, the security company where he works. The server operates as a "sinkhole" to collect information about malware — and in Friday's case kept the malware from escaping.

While that quick thinking may have slowed the outbreak, MalwareTech said he was now looking into a possible second wave of attacks.

"It's quite an easy change to make, to bypass the way we stopped it," he told the AP.

Darien Huss, a 28-year-old research engineer who helped MalwareTech, agreed the threat was far from over.

"We could potentially see copycats mimic the delivery or exploit method they used," he said.

Both joined security officials in urging organizations to protect themselves by installing security fixes right away, running antivirus software and backing up data elsewhere.

"Just patch their systems as soon as possible," MalwareTech said. "It won't be too late as long as they're not infected. It should just be a case of making sure installing updates is enabled, installing the updates, and reboot."

The ransomware appeared to exploit a vulnerability in Microsoft Windows that was purportedly identified by the U.S. National Security Agency for its own intelligence-gathering purposes. The NSA tools were stolen by hackers and dumped on the internet.

Experts say this vulnerability has been understood among experts for months, yet too many groups failed to take it seriously. Microsoft had "patched," or fixed it, in updates of recent versions of Windows since March, but many users did not apply the software fix.

Worse, the malware was able to create so much chaos because it was designed to self-replicate like a virus, spreading quickly once inside university, business and government networks.

Microsoft was quick to change its policy, announcing free security patches to fix this vulnerability in the older Windows systems still used by millions of individuals and smaller businesses. Before Friday's attack, Microsoft had made fixes for older systems, such as 2001's Windows XP, available only to those who paid extra for extended technical support.

"The problem is the larger organizations are still running on old, no longer supported operating systems," said Lawrence Abrams, a New York-based blogger who runs BleepingComputer.com. "So they no longer get the security updates they should be."

Short of paying, options for those already infected are usually limited to recovering data files from a backup, if available, or living without them.

British cybersecurity expert Graham Cluley doesn't want to blame the NSA for the attack.

"There are other criminals who've launched this attack, and they are ultimately responsible for this," he said. "But there's clearly some culpability on the part of the U.S. intelligence services. Because they could have done something ages ago to get this problem fixed, and they didn't do it."

He said most people "are living an online life," and these agencies have a duty to protect their countries' citizens in that realm as well.

"Obviously, they want those tools in order to spy on people of interest, on other countries, to conduct surveillance," Cluley said. "It's a handy thing to have, but it's a dangerous thing to have. Because they can be used against you. And that's what's happening right now."

Comments
Crystal Lagoon planners brace for chilly ribbon cutting today

Crystal Lagoon planners brace for chilly ribbon cutting today

WESLEY CHAPEL — Mother Nature seems to have a way of putting a chill on one of the hottest amenities in residential real estate development.Members of the business community, elected officials and officers with Metro Development Group and Crystal Lag...
Published: 01/18/18
Apple to build second campus, hire 20,000 in $350B pledge

Apple to build second campus, hire 20,000 in $350B pledge

Associated PressSAN FRANCISCO — Apple is planning to build another corporate campus and hire 20,000 workers during the next five years as part of a $350 billion commitment to the United States that will be partially financed by an upcoming windfall f...
Updated: 11 hours ago
Water Street Tampa developers seek artist and design for $600,000 outdoor art near USF med school

Water Street Tampa developers seek artist and design for $600,000 outdoor art near USF med school

TAMPA — Water Street Tampa called Wednesday for artists to send in their ideas for a big piece of public art for the outdoor plaza between one of the $3 billion project’s office buildings and the new University of South Florida Morsani College of Med...
Published: 01/17/18
Tourism brought in record $112 billion to Florida in 2016

Tourism brought in record $112 billion to Florida in 2016

Tourism brought in a record $112 billion to Florida’s economy in 2016, up about 3 percent from 2015, according to Visit Florida figures released Wednesday. About 10 percent — $88 billion — of the state’s gross domestic product came from tourism in 20...
Published: 01/17/18
Time to carbo load: Three new bakeries include an Australian bakery, second La Segunda

Time to carbo load: Three new bakeries include an Australian bakery, second La Segunda

LA SEGUNDAA Tampa Bay giant has stirred and is on the move. La Segunda Central Bakery, a family-owned Ybor City institution for nearly 103 years (they celebrated that birthday Jan. 15) and the largest producer of Cuban bread in the world, will open a...
Published: 01/17/18
Dow Jones closes above 26,000 for first time

Dow Jones closes above 26,000 for first time

The latest on developments in financial markets (All times local):4 p.m.Stocks are closing higher on Wall Street, sending the Dow Jones industrial average to its first close above 26,000 points.The Dow had traded above that level on Tuesday but wound...
Published: 01/17/18
Pasco goats somehow make yoga less weird

Pasco goats somehow make yoga less weird

DADE CITY — More than 36 million Americans practice yoga, but many people still feel intimidated by the ancient method of controlling the body and mind through physical and mental practices.Perhaps it is the daunting terms or confusing poses that cau...
Published: 01/17/18
Behold: The fastest cars at this year’s Detroit Auto Show

Behold: The fastest cars at this year’s Detroit Auto Show

DETROIT — Despite all the hype surrounding auto shows, let’s get real for a moment: The majority of the vehicles on display will end up ferrying kids to soccer practice, embarking on road trips and commuting between work and home each day.That’s unde...
Published: 01/17/18
This is why clothing companies want to know about your weight, jobs and past pregnancies

This is why clothing companies want to know about your weight, jobs and past pregnancies

The first step for a shopper buying a suit at the fast-growing menswear retailer Indochino is sharing his personal information: A salesperson armed with an iPad measures nearly everything on his body, from the distance between his belly button and re...
Published: 01/17/18
TECO, Duke linemen to help restore power in Puerto Rico

TECO, Duke linemen to help restore power in Puerto Rico

TAMPA — As more than 1.5 million people in Puerto Rico remain powerless, local linemen are stepping up and flying out to the island to help restore electricity. On Wednesday morning, 25 linemen boarded a flight from Tampa International Airport to Pu...
Published: 01/17/18