Cybersecurity experts warn that hundreds of thousands of computer users across the globe remain vulnerable following a large-scale virus attack in recent days. The so-called ‘ransomware’ virus struck governments and companies around the world, as Henry Ridgwell reports from London.
…
Month: May 2017
Recently Arrested Rapper Charged Before for Encouraging Fans to Rush the Stage
Rapper Travis Scott’s recent arrest after a concert in Arkansas is not his first on accusations of encouraging fans to join him on stage.
Police in Rogers say the Houston-born musician, whose real name is Jacques Webster, was arrested Saturday night on charges of inciting a riot, disorderly conduct and endangering the welfare of a minor.
Police say Webster encouraged fans to bypass security and rush the stage, leaving a security guard, a police officer and several others injured.
The Associated Press has sought comment from Webster’s representatives.
Webster was sentenced to one year of court supervision after pleading guilty to reckless conduct charges stemming from a 2015 incident in Chicago at the Lollapalooza music festival. Chicago officials said Webster encouraged fans to vault security barricades. No one was injured.
…
Beyonce, Bruno Mars Lead BET Awards Nominations
Beyonce dominated last year’s BET Awards with “Lemonade,” but there’s more juice in her cup.
The pop star is nominated for seven awards at the 2017 BET Awards, the network told The Associated Press on Monday. The show will take place June 25 at the Microsoft Theater in Los Angeles.
Bruno Mars follows Beyonce with five nominations.
Beyonce, who won video of the year with “Formation” last year, is nominated for the top prize again with “Sorry.” Her competition includes her sister Solange (“Cranes In the Sky”); Mars’ playful “24K Magic”; Migos’ No. 1 hit “Bad and Boujee”; and Big Sean’s anthemic “Bounce Back.”
Beyonce and Solange — who has four nominations — will go head-to-head for best female R&B/pop artist, along with Rihanna, Mary J. Blige and Kehlani. Beyonce’s other nominations include album of the year for “Lemonade,” the viewer’s choice award and video director of the year. She’s nominated twice for best collaboration with the songs “Freedom” (with Kendrick Lamar) and “Shining” (shared with Jay Z and DJ Khaled).
The winners in the 19 categories, including film and sports awards, will be selected by BET’s Voting Academy, comprised of entertainment professionals and fans.
Mars, whose latest album was inspired by `90s R&B, is also nominated for best male R&B/pop artist, album of the year, the viewer’s choice award and video director of the year.
Chance the Rapper, who scored four nominations and won three Grammys this year, will battle Lamar, Drake, J. Cole, Future and Big Sean for best male hip-hop artist. Nicki Minaj will compete with rival Remy Ma for best female hip-hop artist, an award Minaj has won since 2010.
Hip-hop trio Migos also scored four nominations.
…
Metropolitan Museum of Art Works to Rebound from Money Woes
The Metropolitan Museum of Art, a behemoth of culture and wealth, is rebounding from more than a year of internal turmoil and financial problems.
As part of its recovery efforts, the museum is considering a mandatory admissions fee for visitors from outside New York state. The set fee, possibly $25 for adults, would be the first in the venerable museum’s 147-year history.
Facing a $15 million operating deficit, the Met filed a formal proposal with New York City this month to charge visitors who don’t live in the state a set admission, instead of the current voluntary contribution.
“We’ve had financial challenges — significant ones — over the last couple of years that have culminated over the past year, and a rather significant need to reorganize the institution and to retrench our finances,” said Daniel Weiss, the museum’s president.
About 100 staff positions have been eliminated through buyouts and layoffs. The number of special exhibits staged each year is being slashed from 55 to about 40. A $600 million new wing that had been planned, but not fully financed, is postponed indefinitely. Instead, the Met will be focusing on more pressing capital needs, Weiss said, including spending as much as $100 million to replace a block-long “ocean of bad skylights” built in the 1930s over art galleries.
Met director and chief executive Thomas Campbell stunned the art world in February by announcing his resignation, amid criticism of the museum’s financial management.
“It was clear we were on a path that was not sustainable, and if we didn’t deal with it, it was going to get worse in a hurry,” said Weiss, who took the reins from Campbell and is now the interim CEO.
He blamed the museum’s financial problems on “a perfect storm” of money-sucking factors: too many costly special exhibitions; restaurants and gift shops where revenues declined; and public programming that was overly ambitious.
Revenue from admissions and membership also had slipped.
But make no mistake, there’s no immediate danger to the museum, which has endowments of $3 billion.
Admissions fees might help ease the current budget deficit, which was about 5 percent of the $315 million in operating costs in 2016.
“The deficit is not high compared to the total budget, but remember, these numbers are not just about the money: Donors want to back a winning story, and any indication that it’s not makes them skittish,” said Andrew Taylor, an arts management expert at Washington-based American University.
The details of how the fees would work are the subject of talks with the city, which gives the museum $27 million in subsidies annually. The city also owns the museum site in Central Park and has approval rights for entrance policies.
An entrance fee of $25 would be in line with admissions to other New York art institutions, from the MoMA ($25) and the Guggenheim ($25) to the Whitney ($22).
New York City Mayor Bill de Blasio gave some generalized support to the idea, saying it was “fair” for non-state residents to pay something. “I’m a big fan of Russian oligarchs paying more to get into the Met,” the mayor joked recently.
Of the record 7 million visitors in 2016, 67 percent came from outside New York state and 39 percent of the total from abroad.
In recent years, the museum was targeted by a class-action lawsuit that challenged the Met’s “recommended” $25 admission and accused the institution of obscuring the fact that people could enter for less. The case was settled last year when the Met agreed to say the price is only “suggested,” with signs telling visitors that “The amount you pay is up to you.”
Visitors have split on whether an entrance fee should be mandatory for some.
Angeleka Kunath, 64, visiting from Hamburg, Germany, said she feels foreigners should pay and would gladly do so to keep the Met running at its best.
“The price is worth it. Art is so important for our lives and humanity; it gives us inspiration it brings people together,” she said.
Ken Wilson, 60, who was visiting from Greensboro, North Carolina, said he didn’t think anyone would have a problem paying to get in.
“It’s amazing and educational,” he said. But he said it was unfair that New Yorkers would get a discount. And with the search for its new director underway, the museum could maybe discuss cutting the high six-figure salaries of its top executives.
Gingerly, Deals Start Taking Shape Between Rivals China and Vietnam
Historic rivals China and Vietnam are working on substantive agreements that could cover trade, investment and maritime resource sharing despite a bitter sovereignty dispute that had snarled relations less than a year ago.
The Communist neighbors are inching toward new trade and investment ties that analysts say would help shore up overall relations. Some believe the two might later approach stickier topics such as joint use of disputed waters or humane treatment of each other’s fishermen. The two countries still contest sovereignty over tracts of the vast, resource-rich South China Sea east of Vietnam and southwest of Hong Kong.
Prospects of some kind of agreement came into focus during Vietnamese President Tran Dai Quang’s visit to China, which ends Monday. He suggested the two sides work on complementing each other’s trade and investment advantages with a view toward improving overall relations, state media from Hanoi said.
“President Quang is in China, and China promised a lot,” said Yun Sun, senior associate with the East Asia Program under Washington-based think tank the Stimson Center. “From an economic point of view, it is certainly practical and beneficial for Vietnam to have some sort of deal, but then again I think this still relatively early to tell.”
In a meeting with Quang Thursday, Chinese President Xi Jinping called for more cross-border economic cooperation zones and joint infrastructure building, according to China’s official Xinhua News Agency reported. China pledged to “mitigate” its trade deficit with Vietnam and increase direct investment, Sun said.
“Talking probably does help lower tensions and improve the odds of things happening,” said Alaistair Chan, an economist covering China for Moody’s Analytics.
The Vietnamese president suggested China finalize rules on opening the Chinese market for farm products, dairy and seafood, media outlet vietnamnet.vn said. He also called on China to make more “preferential loans” and urged a working group to develop renewable energy investment projects that play on China’s strengths and demand in Vietnam, the Vietnamese news report said.
On Friday companies from both countries signed agreements on milk distribution, tourism and rice processing.
China is the largest trade partner of Vietnam, with imports and exports worth about $72 billion last year. Vietnam also calls China one of the top 10 investors in the country.
But both countries are likely to hedge on letting outsiders invest in infrastructure, a possible source of direct investment, Chan said. “If they can get there purely on trade and stay away from investment, a touchy subject in both countries, I think that’s probably where they can get their quickest gain,” he said.
China and Vietnam stepped up dialogue after July 2016, when a world arbitration court ruled that Beijing lacked a legal basis to claim more than 90 percent of the sea, a boon to rival claimants in Southeast Asia: Vietnam, Brunei, Malaysia and the Philippines. China responded to the ruling by seeking one-on-one dialogue with each country. Vietnam was one of the most hostile toward China before the court ruling.
Beijing and Hanoi dispute sovereignty over much of the 3.5 million-square-kilometer sea, including two chains of tiny islets. Beijing’s go-ahead for a Chinese oil rig in contested waters set off a clash in 2014. The two countries also still face distrust fanned by centuries of political rivalry as well as a border war in 1979.
Both countries stake their fast-growing economies on export manufacturing. Vietnamese companies resent China for using their larger production scales to sell goods in bulk at relatively low prices.
Relations got a lift in September when the Chinese premier and Vietnamese prime minister agreed to manage maritime differences. Vietnamese Communist Party General Secretary Nguyen Phu Trong the two countries get along with a visit to China in January.
Another boost came as China emerged last year as the top single-country source of tourism for Vietnam. About 2.2 million Chinese visited Vietnam from January to October. Chinese tourists have reshaped the economies of Hong Kong and Taiwan over the past decade.
Agreements on managing disputed tracts of the South China Sea may come later if the two sides keep getting along, experts say.
Vietnam and China have agreed to an “informal” median line in the tract of sea where their claims overlap, said Carl Thayer, Southeast Asia-specialized emeritus professor of politics at The University of New South Wales in Australia. They might eventually work on expanding joint exploration for oil under the seabed and a way to ensure “humane” treatment of fishermen, he said.
“It’s to stop the ramming, boarding, seizing fish catches and radio equipment and in the old days taking them hostages for money,” Thayer said. Under a human treatment agreement, he said, “If you find them, you report them to the other side and return them rather than bash them up and take everything.”
…
Tiny Phytoplankton Threaten America’s Most Diverse Waterway
Florida’s Indian River lagoon is considered the most biologically diverse estuary in the Northern Hemisphere. But it is facing a serious threat to the plants and animals in its waters. The water’s surface is increasingly dotted with thousands of dead fish, manatees, birds and other creatures. Faiza Elmasry has more about the problem, the cause and the solution. VOA’s Faith Lapidus narrates.
…
WHO Confirms Second Ebola Case in Congo Outbreak
The World Health Organization (WHO) confirmed on Sunday a second case of Ebola in Democratic Republic of Congo after an outbreak this week of 17 other suspected cases.
Health officials are trying to trace 125 people thought to be linked to the cases identified in the remote northeastern province of Bas-Uele province in northeastern Congo near the border with Central African Republic, WHO’s Congo spokesman Eugene Kabambi said.
Three people have so far died among the 19 suspected and confirmed cases, he added.
It was not immediately clear how the first victim, a deceased male, caught the virus, although past outbreaks have been linked to contact with infected bush meat such as apes.
The outbreak comes just a year after the end of an epidemic in West Africa killed more than 11,300 people mostly in Guinea, Sierra Leone and Liberia.
However, Congo, whose dense forests contain the River Ebola near where the disease was first detected in 1976, has experienced many outbreaks and has mostly succeeded in containing them without large-scale loss of life.
The GAVI global vaccine alliance said on Friday some 300,000 emergency doses of an Ebola vaccine developed by Merck could be available in case of a large-scale outbreak and that it stood ready to support the Congo government on the matter.
…
5 Ways to Become a Smaller Target for Ransomware Hackers
This weekend’s global online extortion attack reinforces the need for businesses and other large organizations to update their computer operating systems and security software, cybersecurity experts said.
The attack largely infected networks that used out-of-date software, such as Windows XP, which Microsoft no longer offers technical support for.
“There’s some truth to the idea that people are always going to hack themselves,” said Dan Wire, a spokesman for security firm FireEye. “You’ve got to keep your systems updated.”
The attack that authorities say swept 150 countries this weekend is part of a growing problem of “ransomware” scams, in which people find themselves locked out of their files and presented with a demand to pay hackers to restore their access.
Hackers bait users to click on infected email links, open infected attachments or take advantage of outdated and vulnerable systems. This weekend’s virus was particularly virulent, because it could spread to all other computers on a network even if just one user clicked a bad link or attachment.
Lawrence Abrams, a New York-based blogger who runs BleepingComputer.com, says many organizations don’t install security upgrades because they’re worried about triggering bugs, or they can’t afford the downtime.
Here are five tips to make yourself a less-likely victim:
Make safe and secure backups
Once your files are encrypted, your options are limited. Recovery from backups is one of them. “Unfortunately, most people don’t have them,” Abrams says. Backups often are also out of date and missing critical information. With this attack, Abrams recommends trying to recover the “shadow volume” copies some versions of Windows have.
Some ransomware does also sometimes targets backup files, though.
You should make multiple backups — to cloud services and using physical disk drives, at regular and frequent intervals. It’s a good idea to back up files to a drive that remains entirely disconnected from your network.
Update and patch your systems
The latest ransomware was successful because of a confluence of factors. Those include a known and highly dangerous security hole in Microsoft Windows, tardy users who didn’t apply Microsoft’s March software fix, and malware designed to spread quickly once inside university, business and government networks. Updating software will take care of some vulnerability.
“Hopefully people are learning how important it is to apply these patches,” said Darien Huss, a senior security research engineer for cybersecurity firm Proofpoint, who helped stem the reach of the weekend attack. “I hope that if another attack occurs, the damage will be a lot less.”
The virus targeted computers using Windows XP, as well as Windows 7 and 8, all of which Microsoft stopped servicing years ago. Yet in an unusual step, they released a patch for those older systems because of the magnitude of the outbreak.
“There’s a lot of older Windows products out there that are `end of life’ and nobody’s bothered to take them out of service,” said Cynthia Larose, a cybersecurity expert at the law firm of Mintz Levin.
Use antivirus software
Using antivirus software will at least protect you from the most basic, well-known viruses by scanning your system against the known fingerprints of these pests. Low-end criminals take advantage of less-savvy users with such known viruses, even though malware is constantly changing and antivirus is frequently days behind detecting it.
Educate your workforce
Basic protocol such as stressing that workers shouldn’t click on questionable links or open suspicious attachments can save headaches. System administrators should ensure that employees don’t have unnecessary access to parts of the network that aren’t critical to their work. This helps limit the spread of ransomware if hackers do get into your system.
If hit, don’t wait and see
Some organizations disconnect computers as a precautionary measure. Shutting down a network can prevent the continued encryption — and possible loss — of more files. Hackers will sometimes encourage you to keep your computer on and linked to the network, but don’t be fooled.
If you’re facing a ransom demand and locked out of your files, law enforcement and cybersecurity experts discourage paying ransoms because it gives incentives to hackers and pays for their future attacks. There’s also no guarantee all files will be restored. Many organizations without updated backups may decide that regaining access to critical files, such as customer data, and avoiding public embarrassment is worth the cost.
Ryan O’Leary, vice president of WhiteHat Security’s threat research center, points out that this weekend’s hackers weren’t asking for much, usually about $300.
“If there is a silver lining to it, you’re not out a million dollars,” he said.
Still, “My answer is, never pay the ransom,” Abrams said. “But at the same time, I also know that if you’re someone who’s been affected and you’ve lost all your children’s photographs or you’ve lost all your data or you lost your thesis, sometimes $300 is worth it, you know?”
…
With Macron, Paris 2024 Olympic Bid Is ‘Ready Right Now’
Paris bid leaders want to capitalize on the sense of optimism surrounding new President Emmanuel Macron to beat Los Angeles and secure the Olympic Games in 2024 — not 2028.
With the IOC currently assessing a proposal to award the next two Olympics — one to each city — Paris officials insist the French capital city is the right choice for 2024.
The 39-year-old Macron, France’s youngest-ever president, officially took office on Sunday as the IOC evaluation commission started a three-day visit to Paris.
“Our team has a new member, the new President of France, Emmanuel Macron,” bid leader Tony Estanguet said on Sunday. “He’s been a fantastic supporter of our bid from the beginning. He will be with us all the way to Lima and hopefully beyond.”
Los Angeles and Paris are the only two bidders left for the 2024 Games, which will be awarded in September at a meeting of Olympic leaders in Peru. The race began with five cities, but Rome, Hamburg, Germany, and Budapest, Hungary, all pulled out.
The IOC has four vice presidents looking into the prospect of awarding the 2024 and 2028 Games at the same time in September.
“We have one goal during these few days: to convince you that Paris is the right city, with the right vision, at the right moment,” Paris mayor Anne Hidalgo said. “The right city with world-class venues and accommodation, and the best public transport in the world, ready right now.”
International Olympic Committee members were in Los Angeles earlier this week to meet with the U.S. bid leaders and inspect their planned venues. While Los Angeles Mayor Eric Garcetti appeared at least willing to consider hosting the 2028 Olympics if the city isn’t awarded its first choice of 2024, Hidalgo said Paris is set for the earlier edition.
“With financial and political stability and support, we are ready right now,” Hidalgo said. “At the right moment, as the no risk option.”
Patrick Baumann, the chair of the IOC evaluation commission, said Sunday’s discussions with Paris leaders focused solely on their project for 2024.
“Right now we are still in a process where we assess a potential candidacy for 2024,” Baumann told a press conference. “2024-2028 was not a matter of discussion.”
The French government has pledged one billion euros ($1.1 billion) of support for the Paris bid and Macron is expected to confirm that amount. If Paris is awarded the 2024 Games, the infrastructure budget is expected to total 3 billion euros, with operational costs of 3.2 billion euros.
Paris is also betting on the compactness of its plans to make the difference. According to the bid dossier, 84 percent of the athletes will be able to reach their competition venues in less than 25 minutes, and more than 70 percent of the proposed venues are existing facilities, with a further 25 percent relying on temporary structures.
Paris, which last staged the Olympics in 1924, failed in bids for the 1992, 2008, and 2012 Games.
With the pro-business and pro-EU Macron, Paris bid leaders have a strong supporter. The new president has already thrown his weight behind Paris’ bid, telling IOC President Thomas Bach over the phone of its “expected benefits for all French people.”
Macron did not attend Sunday’s night gala dinner with IOC members in Paris but invited the evaluation commission on Tuesday to the Elysee Palace before they leave.
Meanwhile, the Paris team added another high-profile figure to their list of backers on Sunday as it unveiled France soccer great Zinedine Zidane as their latest ambassador.
“I was involved in several bids, but this one is really close to our hearts,” said Zidane, who also supported the Qatar bid to host soccer’s 2022 World Cup and was involved in Paris’s 2008 and 2012 failed bids.
IOC members started their visit with a full day of discussions on Paris’ proposals that will be followed by venue visits on Monday and further meetings on the final day.
“Our friends of Paris 2024 presented us with an exceptional and well detailed bid presentation,” Baumann said. “We have two cities with a wonderful Olympic spirit. It’s difficult to give them less than 10 out of 10.”
…
StubHub: U2 Top-selling Live Act for US Summer 2017
Veteran Irish rock band U2 is the top-selling live music act in the United States for summer 2017, ticket seller StubHub said on Sunday, outpacing pop acts such as Ed Sheeran and Lady Gaga with a concert tour celebrating its seminal “Joshua Tree” album.
U2’s 13-stop “The Joshua Tree Tour 2017” topped the list of most popular live music acts in the United States between Memorial Day (May 29) and Labor Day (September 4). British singer Sheeran’s U.S. leg of his “divide” tour came in at No. 2 with 32 shows over the summer.
Unlike most artists who tour in support of new albums, U2’s concert celebrates the 30th anniversary of its 1987 “The Joshua Tree” album, with lyrics that drew from the band’s travels across America and social commentary.
U2 will kick off its U.S. Joshua Tree tour on Sunday at Seattle’s 68,000-capacity CenturyLink Field, and will play shows across the country including California, Texas and Florida before heading to Europe.
Sheeran’s tour will be at venues averaging a capacity of 20,000 while U2’s venues are upwards of 65,000 seats.
StubHub’s top-10 list did not include tickets sold for shows in Canada.
StubHub, which did not release the number of tickets sold, said U2 had outsold Sheeran by 65 percent and outsold last year’s top summer act, British singer Adele, by 15 percent.
Tickets for U2 have averaged around $246, while average ticket prices for Sheeran have been about $231, the ticket seller said, adding that U2’s June 3 Chicago date was the most in-demand concert of the summer.
StubHub’s top-10 acts of the summer saw an equal division of veteran artists and current pop and hip-hop acts, with Tom Petty and The Heartbreakers, Metallica, Tool and Roger Waters facing off Bruno Mars, Lady Gaga, Kendrick Lamar and Justin Bieber.
Europol says Global Cyberattack Affects 150 Countries
Europe’s police agency Europol says a global cyberattack has affected at least 100,000 organizations in 150 countries, with data networks infected by malware that locks computer files unless a ransom is paid.
“I’m worried about how the numbers will continue to grow when people go to work and turn on their machines on Monday,” Europol director Rob Wainwright told Britain’s ITV television.
So far there has been no progress reported in efforts to determine who launched the plot.
Computer security experts have assured individual computer users who have kept their PC operating systems updated that they are relatively safe.
They advised those whose networks have been effectively shut down by the ransomware attack not to make the payment demanded — the equivalent of $300, paid in the digital currency bitcoin, delivered to a likely untraceable destination that consists merely of a lengthy string of letters and numbers.
However, the authors of the “WannaCry” ransomware attack told their victims the amount they must pay would double if they did not comply within three days of the original infection — by Monday, in most cases. And the hackers warned that they would delete all files on infected systems if no payment was received within seven days.
Avast, an international security software firm that claims it has 400 million users worldwide, said the ransomware attacks rose rapidly Saturday to a peak of 57,000 detected intrusions. Avast, which was founded in 1988 by two Czech researchers, said the largest number of attacks appeared to be aimed at Russia, Ukraine and Taiwan, but that major institutions in many other countries were affected.
‘Kill switch’ found
Computer security experts said the current attack could have been much worse but for the quick action of a young researcher in Britain who discovered a vulnerability in the ransomware itself, known as WanaCryptor 2.0.
The researcher, identified only as “MalwareTech,” found a “kill switch” within the ransomware as he studied its structure.
The “kill” function halted WanaCryptor’s ability to copy itself rapidly to all terminals in an infected system — hastening its crippling effect on a large network — once it was in contact with a secret internet address, or URL, consisting of a lengthy alphanumeric string.
The “kill” function had not been activated by whoever unleashed the ransomware, and the researcher found that the secret URL had not been registered to anyone by international internet administrators. He immediately claimed the URL for himself, spending about $11 to secure his access, and that greatly slowed the pace of infections in Britain.
Experts cautioned, however, that the criminals who pushed the ransomware to the world might be able to disable the “kill” switch in future versions of their malware.
Hackers’ key tool
WanaCryptor 2.0 is only part of the problem. It spread to so many computers so rapidly by using an exploit — software capable of burrowing unseen into Windows computer operating systems.
The exploit, known as “EternalBlue” or “MS17-010,” took advantage of a vulnerability in the Microsoft software that reportedly had been discovered and developed by the U.S. National Security Agency, which used it for surveillance activities.
NSA does not discuss its capabilities, and some computer experts say the MS17-010 exploit was developed by unknown parties using the name Equation Group (which may also be linked to NSA). Whatever its source, it was published on the internet last month by a hacker group called ShadowBrokers.
Microsoft distributed a “fix” for the software vulnerability two months ago, but not all computer users and networks worldwide had yet made that update and thus were highly vulnerable. And many computer networks, particularly those in less developed parts of the world, still use an older version of Microsoft software, Windows XP, that the company no longer updates.
The Finnish computer security firm F-Secure called the problem spreading around the world “the biggest ransomware outbreak in history.” The firm said it had warned about the exponential growth of ransomware, or crimeware, as well as the dangers of sophisticated surveillance tools used by governments.
Lesson: Update programs
With WanaCryptor and MS17-010 both “unleashed into the wild,” F-Secure said the current problem seems to have combined and magnified the worst of the dangers those programs represent.
The security firm Kaspersky Lab, based in Russia, noted that Microsoft had repaired the software problem that allows backdoor entry into its operating systems weeks before hackers published the exploit linked to the NSA, but also said: “Unfortunately it appears that many users have not yet installed the patch.”
Britain’s National Health Services first sounded the ransomware alarm Friday.
The government held an emergency meeting Saturday of its crisis response committee, known as COBRA, to assess the damage. Late in the day, Home Secretary Amber Rudd said the NHS was again “working as normal,” with 97 percent of the system’s components now fully restored.
Spanish firm Telefonica, French automaker Renault, the U.S.-based delivery service FedEx and the German railway Deutsche Bahn were among those affected.
None of the firms targeted indicated whether they had paid or would pay the hackers ransom.
Europol: Global Cyberattack Affects 150 Countries
A cyberattack that has already taken over computers in 150 countries could spread further Monday, as people return for the start of a new work week and use computers that may not have been updated with a security patch.
Europe’s police agency Europol said Sunday the attack had already affected at least 100,000 organizations in 150 countries, with data networks infected by malware that locks computer files unless a ransom is paid.
“I’m worried about how the numbers will continue to grow when people go to work and turn on their machines on Monday,” Europol director Rob Wainwright told Britain’s ITV television.
So far there has been no progress reported in efforts to determine who launched the plot.
Computer security experts have assured individual computer users who have kept their operating systems updated that they are relatively safe, but urged companies and governments to make sure they apply security patches or upgrade to newer systems.
They advised those whose networks have been effectively shut down by the ransomware attack not to make the payment demanded — the equivalent of $300, paid in the digital currency bitcoin, delivered to a likely untraceable destination that consists merely of a lengthy string of letters and numbers.
However, the authors of the “WannaCry” ransomware attack told their victims the amount they must pay would double if they did not comply within three days of the original infection — by Monday, in most cases. And the hackers warned that they would delete all files on infected systems if no payment was received within seven days.
Avast, an international security software firm that claims it has 400 million users worldwide, said the ransomware attacks rose rapidly Saturday to a peak of 57,000 detected intrusions. Avast, which was founded in 1988 by two Czech researchers, said the largest number of attacks appeared to be aimed at Russia, Ukraine and Taiwan, but that major institutions in many other countries were affected.
‘Kill switch’ found
Computer security experts said the current attack could have been much worse but for the quick action of a young researcher in Britain who discovered a vulnerability in the ransomware itself, known as WanaCryptor 2.0.
The researcher, identified only as “MalwareTech,” found a “kill switch” within the ransomware as he studied its structure.
The “kill” function halted WanaCryptor’s ability to copy itself rapidly to all terminals in an infected system — hastening its crippling effect on a large network — once it was in contact with a secret internet address, or URL, consisting of a lengthy alphanumeric string.
The “kill” function had not been activated by whoever unleashed the ransomware, and the researcher found that the secret URL had not been registered to anyone by international internet administrators. He immediately claimed the URL for himself, spending about $11 to secure his access, and that greatly slowed the pace of infections in Britain.
Experts cautioned, however, that the criminals who pushed the ransomware to the world might be able to disable the “kill” switch in future versions of their malware, and that new versions were already emerging.
Hackers’ key tool
WanaCryptor 2.0 is only part of the problem. It spread to so many computers so rapidly by using an exploit — software capable of burrowing unseen into Windows computer operating systems.
The exploit, known as “EternalBlue” or “MS17-010,” took advantage of a vulnerability in the Microsoft software that reportedly had been discovered and developed by the U.S. National Security Agency, which used it for surveillance activities.
NSA does not discuss its capabilities, and some computer experts say the MS17-010 exploit was developed by unknown parties using the name Equation Group (which may also be linked to NSA). Whatever its source, it was published on the internet last month by a hacker group called ShadowBrokers.
Microsoft distributed a patch for the software vulnerability two months ago, but not all computer users and networks worldwide had yet made that update, and thus were highly vulnerable. And many computer networks, particularly those in less-developed parts of the world, still use an older version of Microsoft software, Windows XP. The company did issue a patch for Windows XP, but has otherwise largely stopped issuing updates for the software.
The Finnish computer security firm F-Secure called the problem spreading around the world “the biggest ransomware outbreak in history.” The firm said it had warned about the exponential growth of ransomware, or crimeware, as well as the dangers of sophisticated surveillance tools used by governments.
Lesson: Update programs
With WanaCryptor and MS17-010 both “unleashed into the wild,” F-Secure said the current problem seems to have combined and magnified the worst of the dangers those programs represent.
The security firm Kaspersky Lab, based in Russia, noted that Microsoft had repaired the software problem that allows backdoor entry into its operating systems weeks before hackers published the exploit linked to the NSA, but also said: “Unfortunately it appears that many users have not yet installed the patch.”
Britain’s National Health Services first sounded the ransomware alarm Friday.
The government held an emergency meeting Saturday of its crisis response committee, known as COBRA, to assess the damage. Late in the day, Home Secretary Amber Rudd said the NHS was again “working as normal,” with 97 percent of the system’s components now fully restored.
Spanish firm Telefonica, French automaker Renault, the U.S.-based delivery service FedEx and the German railway Deutsche Bahn were among those affected.
None of the firms targeted indicated whether they had paid or would pay the hackers ransom.
WHO to Vote for New Director-General; David Nabarro Wants the Job
Dr. David Nabarro says he wants to rid the world of two diseases that are close to being eradicated: polio and guinea worm. Polio exists mainly on the Pakistani-Afghan border and in northern Nigeria. Both are conflict zones, where vaccine workers risk their lives to immunize children.
“The last part of eradicating any disease is always the hardest part,” Nabarro said during a visit to VOA. “If you don’t do it, you lose everything. To do it, you’ve got to really bring all the energy and commitment you can to bear.”
The World Health Organization has worked to eliminate polio for more than 30 years. Nigeria was to be declared polio-free this year, meaning the country had no cases for three continuous years, but then the disease returned.
“We must remain vigilant and focused until we are certain that the last case has been found and that we have got everybody protected,” Nabarro said.
Watch: WHO to Vote on New Director-General; David Nabarro Wants the Job
Guinea worm
Nabarro also wants to rid the world of Guinea worm, a disease that starts when people drink water containing fleas infected with guinea worm larvae. The larvae grow in human intestines. And while it is not life-threatening, it is painful when the worm emerges.
In 1986, about 3.5 million people had Guinea worm disease. Last year, 25 people had it. This was the result of efforts by United Nations agencies, the Carter Center, which was founded by former U.S. President Jimmy Carter, and the U.S. Centers for Disease Control and Prevention.
Nabarro wants to make more inroads in ending malaria, a disease that threatens nearly half the world’s population. Even through malaria can be prevented and cured, the WHO says it caused nearly half a million deaths in 2015.
Ebola epidemic
During the Ebola epidemic, Nabarro visited the West African countries ravaged by the disease as the U.N. special envoy on Ebola. It took the world a long time to put together an effective response to the epidemic, and before it was over more than 11,000 people died.
The WHO was heavily criticized for the way it handled the pandemic. Nabarro wants to make sure a tragedy of this magnitude does not happen again because of a lack of preparedness.
“I want to be sure the world as a whole helps nations to respond quickly when there’s a threat of infection. Usually, that means that the problem doesn’t get out of control,” he told VOA.
Life of public health service
Nabarro has spent his life working in public health. He worked in Iraq with Save the Children in 1974. He continued to work in public health positions until he joined the World Health Organization in 1999 and has worked at the WHO and for the U.N. since then. Nabarro has worked on malaria programs.
Now, he hopes to be elected director-general of the World Health Organization when the World Health Assembly meets in Geneva May 23.
This is the first time candidates will be elected to become director-general of WHO by member nations.
…
WHO to Vote on New Director-General; David Nabarro Wants the Job
Dr. David Nabarro says he wants to rid the world of two diseases that are close to being eradicated: polio and guinea worm. During a visit to VOA, he also said he wants to work to end malaria if he becomes the next head of the World Health Organization. This is the first time candidates will be elected to become director-general of WHO. VOA’s Carol Pearson has more.
…
Fleming Ready to Move On, Performs Marschallin One Last Time
Renee Fleming sang the famous “Ja, ja” one last time, acknowledging the ascendancy of youth, and made a graceful exit from the stage.
The 58-year-old soprano, the most well-known American classical singer, performed the Marschallin in Strauss’ “Der Rosenkavalier” for the final time Saturday in what may have been her farewell to staged standard repertoire.
Confetti fell from the top of the Metropolitan Opera and bouquets were thrown from the crowd during a nine-minute ovation that followed the performance on the final day of the company’s 2016-17 season. Fleming plans to concentrate her appearances on concerts and will consider singing in new operas.
Fleming first sang the Marschallin, an aristocrat who accurately predicts her lover will leave her for a younger woman, at the Houston Grand Opera in 1995. Saturday was her 70th staged performance of the role, which included productions in San Francisco, London, Paris, Zurich, Baden-Baden and Munich, and with the Met on tour in Japan. She sang additional concert versions in Boston, Washington, and Paris.
“I feel satiated,” she said outside her dressing room. “It’s time — time to say goodbye.”
She was 36 for her first Marschallin, four years older than the age of the character created by composer Richard Strauss and librettist Hugo von Hofmannsthal for the opera, which premiered in 1911.
“Nothing seems like 22 years. Where did it go?” Fleming said.
The Marschallin is one of her most acclaimed roles and it seemed an apropos choice. She wistfully sings during her first act monologue: “Time is a strange thing. While one is living one’s life away, it is absolutely nothing. Then, suddenly, one is aware of nothing else.”
“This fear of aging, it touches everybody’s heart,” Fleming said after the performance.
…
New Rover to Make Moon Landing Next Year
Science fiction movies often contain imaginary technology. But now a real life moon rover has made it onto the big screen. Not only is it a star in a new film, but it will also play a starring role on a private mission to the moon next year. VOA’s Deborah Block has the story.
…
Factbox: Ebola Virus Outbreaks in Africa
Democratic Republic of Congo Ebola Outbreak
On May 13, the World Health Organization declared an Ebola outbreak in Bas-Uele province, in the Democratic Republic of the Congo, after a person tested positive for the Ebola virus.
The last Ebola outbreak in Congo happened in 2014 and killed more than 40 people.
In 2013, an Ebola crisis began in Guinea, Sierra Leone and Liberia.
Congo’s outbreaks have all been in areas not linked to the West African cases.
2013-16 Western Africa Ebola Outbreak
Where: Guinea, Liberia, Sierra Leone
Began: December 2013
Ended*: March 2016
- WHO declared the outbreak in West Africa a public health emergency in August 2014. It declared the end of the transmission of Ebola in Guinea in December 2015, Liberia in January 2016 and in Sierra Leone in March 2016.
Even after the last transmission, WHO warned the countries were still at risk of sporadic transmission of Ebola because of the presence of the virus in some survivors.
WHO noted flare-ups of Ebola cases in Guinea in March 2016 and Liberia in June 2016.
2013-16 West Africa Ebola Outbreak, Death Tolls*
Guinea 3,814 cases 2,544 deaths
Liberia 10,678 cases 4,810 deaths
Sierra Leone 14,124 cases 3,956 deaths
Total 28,616 cases 11,310 deaths
Source: U.S. Centers for Disease Control and Prevention
- The 2013-16 West Africa Ebola outbreak was the largest in history.
Ebola Symptoms
Symptoms of the virus may include:
Fever
Severe headache
Muscle pain
Weakness
Fatigue
Diarrhea
Vomiting
Abdominal (stomach) pain
Unexplained hemorrhage (bleeding or bruising)
- Symptoms may appear anywhere from two to 21 days after exposure to Ebola, but the average is eight to 10 days.
Prevention
Avoid areas of known outbreaks
Wash hands frequently
Avoid bushmeat
Take precautions and avoid direct contact with infected people
- There is no known treatment for Ebola. Symptoms of Ebola and complications are treated as they appear.
…
Global Cyberattack in Brief: Ransomware, a Vision of Future?, Seeking Culprits
In what is believed to be the largest attack of its kind ever recorded, a cyberextortion attack continued causing problems Saturday, locking up computers and holding users’ files for ransom at dozens of hospitals, companies and government agencies. Businesses and computer security organizations await problems in the new workweek.
Ransomware Attack Could Herald Future Problems — Tech staffs around the world worked around the clock this weekend to protect computers and patch networks to block the computer hack whose name sounds like a pop song — “WannaCry” — as analysts warned the global ransomware attack could be just the first of a new wave of strikes by computer criminals.
Worldwide Cyberattack Spreads Further in Second Day — A cyberattack against tens of thousands of data networks in scores of countries, all infected by malware that locks computer files unless a ransom is paid, spread further in its second day Saturday, with no progress reported in efforts to determine who launched the plot.
Authorities Seek Clues On Culprits Behind Global Cyberattack — The British government said on Saturday it does not yet know who was behind a massive global cyberattack that disrupted Britain’s health care services, but Interior Minister Amber Rudd said the country’s National Crime Agency is investigating where the attacks came from.
Europol Working on Probe Into Massive Cyberattack — The European Union’s police agency, Europol, says it is working with countries hit by the global ransomware cyberattack to rein in the threat and help victims.
‘Perfect Storm’ of Conditions Helped Cyberattack Succeed — The cyberextortion attack that hit dozens of countries spread quickly and widely thanks to an unusual confluence of factors: a known and highly dangerous security hole in Microsoft Windows, tardy users who didn’t apply Microsoft’s March software fix, and a software design that allowed the malware to spread quickly once inside university, business and government networks.
Where Global Cyberattack Has Hit Hardest — A look at some of the countries and organizations hardest hit during the global cyberattack.
What Is the Digital Currency Bitcoin? — In the news now after a cyberextortion attack this weekend, bitcoin has a fuzzy history, but it’s a type of currency that allows people to buy goods and services and exchange money without involving banks, credit card issuers or other third parties.
Eurovision Song Contest 2017
The Ukrainian capital, Kyiv, was the scene of the final of the 2017 Eurovision Song Contest, the annual europop song fest that was expected to garner a television audience of some 200 million.
…
Where Global Cyberattack Has Hit Hardest
Here is a look at some of the places hit by the global cyberattack.
European Union — Europol’s European Cybercrime Center, known as EC3, said the attack “is at an unprecedented level and will require a complex international investigation to identify the culprits.”
Britain — Britain’s home secretary said the “ransomware” attack hit one in five of 248 National Health Service groups, forcing hospitals to cancel or delay treatments for thousands of patients — even some with serious aliments like cancer.
Germany — The national railway said Saturday departure and arrival display screens at its train stations were affected, but there was no impact on actual train services. Deutsche Bahn said it deployed extra staff to help customers.
Russia — Two security firms — Kaspersky Lab and Avast — said Russia was hit hardest by the attack. The Russian Interior Ministry, which runs the country’s police, confirmed it was among those that fell victim to the “ransomware,” which typically flashes a message demanding payment to release the user’s data. Spokeswoman Irina Volk was quoted by the Interfax news agency Saturday as saying the problem had been “localized” and that no information was compromised. Russia’s health ministry said its attacks were “effectively repelled.”
United States — In the U.S., FedEx Corp. reported that its Windows computers were `”experiencing interference” from malware, but wouldn’t say if it had been hit by ransomware. Other impacts in the U.S. were not readily apparent.
Turkey — The head of Turkey’s Information and Communication Technologies Authority or BTK says the nation was among those affected by the ransomware attack. Omer Fatih Sayan said the country’s cyber security center is continuing operations against the malicious software.
France — French carmaker Renault’s assembly plant in Slovenia halted production after it was targeted. Radio Slovenia said Saturday the Revoz factory in the southeastern town of Novo Mesto stopped working Friday evening to stop the malware from spreading.
Brazil — The South American nation’s social security system had to disconnect its computers and cancel public access. The state-owned oil company Petrobras and Brazil’s Foreign Ministry also disconnected computers as a precautionary measure, and court systems went down, too.
Spain — The attack hit Spain’s Telefonica, a global broadband and telecommunications company.
…