A recent malware outbreak in Europe interfered with the digital data of several hospitals, government buildings, and large companies, much like that of the harmful virus discovered this past May.
The virus denied individuals access to important files, showing a near impossible encryption key and requesting a large amount of currency to solve it. It first hit Ukraine and its neighbouring European nations, eventually making its way to the US to infiltrate the systems of giant corporations like Mondelez and Oreo. By the end of the day, the virus had stopped spreading.
Ukraine was hit the hardest by this recent attack, suffering blows to the computer security systems of its government buildings, ATMs, gas stations, grocery stores, energy companies, and even two large international businesses.
Although the source of the virus couldn’t be determined, investigators discovered information in the virus’ code that was taken from the National Security Agency code. This could mean that it was created using tools paid for by US taxes. Much like the May malware incident, this strain of computer virus used NSA-developed digital lock picks that were obtained by members of the Shadowbrokers and shared among the hacking group.
Several security vendors have found that EternalBlue, the malware enabling tool, was what allowed the virus to spread to big company digital networks so quickly on its own. As a precaution, Microsoft ordered a security fix for most of its systems, though advanced viruses can use duplicate data to spread to protected security devices if even one unprotected device is affected.
These kinds of digital viruses, often referred to as worms, are much like real-world airborne diseases. For people to become affected with a cold, they simply need to be exposed to a single person who has the cold virus. Those immune to the virus can still carry it and pass it on to others.
The most recent virus acted the same way the WannaCry virus detected in May did, but its composition turned out to be different. This virus was closely related to GoldenEye and Petya, two malware variations that also gave its victims a sort of ultimatum when present. It’s still unclear why the attack’s orchestrators decided to infect so many major digital lock systems.
Below the currency bargain notification, an email address was posted for victims to write to. All emails sent to that address were never responded to, as the address’s owner deleted the account as soon as they knew it was attached to malware. Because the email address’s owner resides in Berlin, the German police force is looking into solutions and preventative actions.
Unfortunately, deleting the email address attached to the virus could make it impossible for the affected companies to regain access to their digital information. Failing to identify a decryption key or weak spot in the virus could mean permanently lost data. Many businesses are relying on investigators to find a way to get their information back. If no solution is found, there could be data-related issues down the road.