Global Cyberattack WannaCry Continues to Spread

Issues with the “ransomware” attack first seen on Friday continue to damage computers in Europe and Asia

The global cyberattack that first began paralyzing computer systems across Europe and Asia on Friday continues to expand, with more than 200,000 computers across 150 countries hit by the “ransomware” hack that’s been demanding $300 paid in Bitcoin to free up user data.

More than 40,000 new reports have emerged from China, where many had already logged off their work computers by the time the virus began to spread on Friday, according to the New York Times. Large companies and government agencies, including Megafon, the second biggest mobile provider in Russia, international shipping company Fedex, and the National Health Service, Britain’s national healthcare administration, were among the more high-profile victims of the attack, dubbed “WannaCry,” on Friday.

And while the British government stressed only one in five of its NHS hospitals had been struck, 11 of those 47 hospitals still reported issues on Monday — causing delays and cancelled appointments, according to the BBC.

The virus — leaked by the prominent hacker group “The Shadow Brokers” through exploited tools from the National Security Agency  — spreads via email, with users being locked out of their computers until having paid the $300 ransom. On Monday the payoff is expected to rise to $600 for the infected computers. The ransomware exploits a vulnerability in Microsoft Windows XP, which the company had stopped actively supporting in 2014.

Russian President Vladimir Putin didn’t mince words on the topic on Monday, shifting the blame towards US hackers and saying his country had “absolutely nothing to do with this.”

“With regard to the source of these threats, then I believe that Microsoft has spoken directly about this,” Putin said. “They said that the first sources of this virus were the United States intelligence agencies.”

Putin’s claim over the genesis of the cyberattack, however, is misleading. While the hackers used aspects of stolen NSA data to launch the attack, there is no evidence to show the attacks were initiated by U.S. intelligence.

Microsoft issued a patch for the hack earlier in the year, but shared it again on Friday. You can find the patch here.

In a blog post on Sunday, Microsoft President and Chief Legal Officer Brad Smith stressed the importance of companies and governments protecting their data in defending against cyberattacks. “This attack provides yet another example of why the stockpiling of vulnerabilities by governments is such a problem,” said Smith.

The hackers do not appear on their way to living in seclusion on their own private island just yet, though, as they’ve only netted about $50,000 in Bitcoin so far, according to CNBC.

Some beyond the hackers were able to financially benefit from the attacks, with cybersecurity stocks jumping on Monday. Leading companies like Palo Alto Networks, Barracuda Networks, and FireEye Inc. have all seen more than a 3 percent move upward.