The Government has assured that the number of computers and computer systems of individuals and companies that were affected by yesterday’s cyberattack and that has affected 99 countries is reduced, that there are no new infections and that the affected devices are being cleaned.
According to the National Cybersecurity Institute (Incibe), the infection of new computers by the “ransomware” type virus – a variant of the well-known “Wannacry” – has been limited because an action to deprogram it has been discovered.
It is a domain that, when infected computers connect to it, the virus does not encrypt the files, it is automatically deactivated and disinfected.
Incibe offers a free public decryption service that responds to this type of incident for both citizens and affected companies.
Telefónica, whose computer system was affected, was one of the companies that immediately contacted Incibe yesterday to ask for help.
As reported on his blog by the data chief of the telecommunications company, the former hacker Chema Alonso -a star signing of the company-, the affected company equipment “is controlled and is being restored”.
Along with the Spanish-based telecommunications company, the British hospital system, the German railway network, the Renault company in France and a large banking sector and the railway network in Russia have been affected.
According to the Czech company Avast, the cyberattack has reached 99 countries with 100,000 actions, and among the most affected are Taiwan, Ukraine and Russia. The latter with 57 percent of the total shares.
Spain would not be among the most affected countries and according to what the Minister of the Interior, Juan Ignacio Zoido, stated today, the work of the authorities has prevented sensitive information from people and companies from being stolen.
“There has not been, to our knowledge, any type of theft of information that could affect the privacy of people or the content of company data,” he pointed out.
Specialists from the National Information Center (CNI) and the Ministries of the Interior and Defense have worked to counteract the attack.
According to former hacker Chema Alonso, despite the “media noise” generated by the “ransomware” virus that starred in yesterday’s cyberattack, “it has not achieved much real impact.”
At the moment, the promoters of the attack have only achieved eight payments in bitcoins -the virtual currency that is difficult to trace- in exchange for recovering the infected computers -about 6,000 dollars in total-.
The virus was distributed massively yesterday via an email containing a link, which was not detected by anti-malware engines.
The Incibe ensures the actions of “ransomware” virus types are quite common, although the proportions of the attack suffered this Friday “is unprecedented”, Europol has sentenced today.
The virulence of the virus was more intense because it took advantage of a hole in the Microsoft operating system – which the US company reported for months – and through which it was transmitted to other computers.
The US multinational “has been very proactive” to cover this vulnerability and has published a new security patch for computers with the Windows XP operating system -of which there is still a significant computer park in Spain-, says the Spanish cybersecurity agency.
The activity of this institute has grown in recent years: in 2014 it managed 18,000 cybersecurity incidents; in 2015 it rose to 50,000, and in 2016 to 115,000. So far this year, Incibe has 50,000 incidents