Business leaders around the world remain on high alert as a global cyberattack, unprecedented in its scale, was set to spread further this morning.
FedEx, Renault Nissan and Spain’s Telefonica are among companies that confirmed over the weekend their systems had been infected with the ransomware worm, dubbed WannaCry. Authorities estimate it has hit more than 200,000 computers in more than 150 countries.
The virus works by blocking victims’ access to their computers and demanding a ransom, typically of $300 worth of bitcoins, that increases over time.
Britain’s National Health Service was gradually getting its systems back on line over the weekend after the virus caused chaos at some hospitals on Friday, forcing patient operations to be postponed. Even so, authorities are concerned the virus could spread as people return to work this morning and switch on their computers, and amid fears new versions of the virus could be dispatched.
“At the moment, we’re in the face of an escalating threat.”
“At the moment, we’re in the face of an escalating threat,” Europol Executive Director Rob Wainwright told British broadcaster ITV on Sunday.
The massive attack, suspected to be the work of criminals, is perhaps the clearest signal yet that CEOs who haven’t already gotten serious about cybersecurity need to improve their strategy.
As recently reported by Chief Executive, a number of surveys indicate that companies across the world still have large gaps in their cyber defenses—perhaps given the cost and sophistication of the technology involved and difficulty sourcing talented individuals with a full grasp of the risks.
Improving defenses, however, need not always be a complex affair. Many of the computers hit by this most recent attack were more vulnerable to infection because they were still running on old operating systems, such as Windows XP.
Microsoft had already issued a protective “patch” against the virus this year amid revelations malware techniques had been stolen from the U.S. National Security Agency. The current worm is suspected to have stemmed from that theft.
“This attack is a powerful reminder that information technology basics like keeping computers current and patched are a high responsibility for everyone, and it’s something every top executive should support,” Microsoft president and chief legal officer Brad Smith said in a statement Sunday.
Microsoft on Saturday said it was taking “the highly unusual step” of providing a security update for customers using older platforms including Windows XP, Windows 8 and Windows Server 2003.
Its full guidance to customers can be viewed here.