Cyberattack Hits Nearly 100 Countries and Thousands of Computers – NBCNews.com

Gillian Hamm, a general practitioner in England, received this message on her computer Friday. Gillian Hann via Twitter

"It's a small ransom," said Gene Spafford, founder and executive director emeritus of Purdue University's Center for Education and Research in Information Assurance and Security. "But if you set the price too high then many of their victims won't pay."

Spafford said ransomware typically targets those without strong security in place, such as home users and small companies.

Hospitals and larger companies might be susceptible, he added, if they're slow to fully upgrade their networks or use pirated programs.

This particular ransomware is "using this flaw in the file-sharing that is giving it apparently a real boost," Spafford said.

He added that companies are at the mercy of the hackers, who could decide if their ransomware becomes too big they might decide "not to cash out because they're worried about being traced" and tipping off authorities about their whereabouts.

Spanish telecom giant Telefonica confirmed in a statement that a "cybersecurity incident" occurred Friday that affected the computers at its Madrid headquarters.

A Telefonica spokesman told Reuters that a window appeared on its computers also demanding a bitcoin payment in order to regain control.

Spain's National Cryptology Center said that an attack had been launched "against various organizations" in the country through their Windows systems, and other companies were taking preventative measures.

It wasn't just companies affected by this particular ransomware.

The mayor of the small community of Timra, Sweden population 10,000 told Reuters it has "around 70 computers that have had a dangerous code installed."

Josh Feinblum, vice president of information security at the cybersecurity company Rapid7, said companies should back up data and ensure their systems are as up to date as possible. He said the speed at which the ransomware spread is unusual.

"I think what was unique about this ransomware is that it essentially used a security flaw in a very common set of software that allowed it to self-replicate across the facilities and environments that it was in," Feinblum said.

"And that's not very typical in the ransomware world and that's something that we haven't really seen at scale in a long time," he said.

Read this article:
Cyberattack Hits Nearly 100 Countries and Thousands of Computers - NBCNews.com