The ransomware worm dubbed WannaCry that locked up more than 200,000 computers in more than 150 countries had slowed, but cybersecurity experts said the respite might only be brief. More disruption is expected on Monday when employees return to work.
New versions of the worm are expected, according to experts. The extent and economic cost of the damage from last Friday's attack were unclear, Reuters reported on May 15, 2017.
Microsoft President Brad Smith appeared to tacitly acknowledge in a blog post what researchers had already widely concluded: The ransomware attack leveraged a hacking tool, built by and stolen from the U.S. National Security Agency. He also said that the attack is an example of "why stockpiling vulnerabilities by the government is such a problem." He added that governments around the world should "treat this attack as a wake-up call" and "consider the damage to civilians that comes from hoarding these vulnerabilities and the use of these exploits."
The original attack lost momentum after a security researcher took control of a server connected to the outbreak. This crippled a feature that caused the malware to rapidly spread across infected networks. Infected computers appear to largely be out-of-date devices that organizations deemed not worth the price of upgrading. In some cases, they were machines involved in manufacturing or hospital functions that proved too difficult to patch without possibly disrupting crucial operations, security experts said.
The head of the European Union police agency said on Sunday the cyber assault hit 200,000 victims in at least 150 countries. The number is expected to grow when people return to work on Monday – especially in Asia which may not have seen the worst of the impact yet.