Update 2 (May 15, 2017) : New variants of Wannacry Ransomware continue to attack individuals and organizations. The original version and one updated version were luckily be able to be stopped from spreading, due to a kill switch that was found by a security researcher accidentally. Now victims number in the hundreds of thousands, all over the world. For those of you who have Windows XP or earlier versions (which are the ones worst affected by this, you can download a security patch from Microsoft here)
Note that the patch will protect you only if you install it BEFORE the ransomware hits, once it gets inside there is nothing that can be done except reformat your drive and install the OS again (meaning you need to have backups of data stored offline on an external hard drive, with no incremental backups( because the malware could be hiding there))
Update 1- Nissan plant in Sunderland has been affected by this attack, so finally vulnerable industrial systems are also getting affected.
Nissan plant in Sunderland says it has been affected by ransomware attack and it is “working to resolve issue” https://t.co/RUpMPDlIW8
— BBC Breaking News (@BBCBreaking) May 13, 2017
May 13, 2017- Since yesterday a massive cyber attack is in progress, launched against a slew of targets including British hospitals under the NHS and German Rail networks. These attacks have also now spread to other countries such as the US, Spain (where their telecom companies have got affected) and even Russia (a lot of Russian government networks seem to have been affected). So far it is not clear if any Industrial Control Systems have been affected.
It is unclear how the payload was dropped onto the affected machines, because now most people are cautious not to open suspicious attachments in emails or click links in messages from unknown persons. The scale and speed of the spread of the malware is stupendous, as now over 57,000 individual PCs seem to have been affected. The infected computer locks out all the files and the user is unable to access anything. A message is shown that asks about $300 in ransom to unlock the machine.
You may be wondering why has this news been posted on an Industrial Safety blog?
Simple, because such malware can easily affect Industrial Systems and cause chaos. Imagine if a plant control or safety system were to get affected in such a manner- you would not be able to shut down the plant! Owner Operators, as well as Engineering Design companies, Industrial Automation vendors and Safety Instrumented System vendors should take care that their systems are well protected against such attacks.
To understand how to do this, you can take this Industrial Cyber Security Training now. Note that industrial cybersecurity is a completely different animal from business or IT system cybersecurity. You need to know how to protect Industrial Systems (such as DCS/PLC/SIS/SCADA) from cyber attacks such as these and many others. Conventional protection methods such as Firewalls, Anti Virus software or even Intrusion Detection Systems may not work where Industrial systems are concerned.
Since this website reports such attacks, we also have been the target of these malware purveyors and have seen hacking attempts by an army of bots that try to login at the rate of several times per second!