A security expert at Surrey university has claimed that the malware, which affected the National Health Service (NHS) England hospitals and continues to spread across various parts of the world, resembles an exploit of 'EternalBlue'.
'EternalBlue' is the name given to a weakness in Microsoft's security that is thought to have been identified secretly by the United States National Security Agency (NSA).
"From the analysis that has been done, it looks like it is the 'EternalBlue' weakness that has been exploited because it is using the same ports and protocols. We don't know publicly if it is the NSA (that found the vulnerability) but it is widely assumed it is and that is what Shadow Brokers said," The Guardian quoted Prof. Alan Woodward, as saying.
It's also believed that 'WannaCry' works by taking advantage of a flaw in Windows that the NSA knew about, but kept secret.
This particular vulnerability was publically disclosed by a group calling itself Shadow Brokers, which claimed to have stolen it from the NSA, among a cache of files it took.
Meanwhile, Kaspersky Lab, a cybersecurity company based in Moscow, has published a blog post in which it estimates that 45,000 attacks have been carried out in 74 countries, mostly in Russia.
It added that the totals could be "much, much higher."
Earlier, a number of hospitals across England were forced to divert emergency patients after being hit by a suspected cyber attack.
Attacks then began being reported across many other countries, including Turkey, Vietnam, the Philippines, Japan, the U.S., China, Spain, Italy and Taiwan with the majority of affected computers in Russia.
The computers all appeared to be hit with the same ransomware, and similar ransom messages demanding about $300 to unlock their data, The New York Times reports.
The malware was circulated by email; targets were sent an encrypted, compressed file that, once loaded, allowed the ransomware to infiltrate its targets.
Portugal Telecom was also hit by a cyber attack but no services were impacted.
"We were the target of an attack, like what is happening in all of Europe, a large scale-attack, but none of our services were affected," a Portugal Telecom spokeswoman said.
Disclaimer: No Business Standard Journalist was involved in creation of this content
You’ve reached your limit of {{free_limit}} free articles this month.
Subscribe now for unlimited access.
Already subscribed? Log in
Subscribe to read the full story →
Smart Quarterly
₹900
3 Months
₹300/Month
Smart Essential
₹2,700
1 Year
₹225/Month
Super Saver
₹3,900
2 Years
₹162/Month
Renews automatically, cancel anytime
Here’s what’s included in our digital subscription plans
Exclusive premium stories online
Over 30 premium stories daily, handpicked by our editors
Complimentary Access to The New York Times
News, Games, Cooking, Audio, Wirecutter & The Athletic
Business Standard Epaper
Digital replica of our daily newspaper — with options to read, save, and share
Curated Newsletters
Insights on markets, finance, politics, tech, and more delivered to your inbox
Market Analysis & Investment Insights
In-depth market analysis & insights with access to The Smart Investor
Archives
Repository of articles and publications dating back to 1997
Ad-free Reading
Uninterrupted reading experience with no advertisements
Seamless Access Across All Devices
Access Business Standard across devices — mobile, tablet, or PC, via web or app