Economic experts offered differing views on how much the attack, and associated computer outages, would cost businesses and governments. The non-profit US Cyber Consequences Unit research institute estimated that total losses would range in the hundreds of millions of dollars, but not exceed $1bn. Most victims were quickly able to recover infected systems with backups, said the group's chief economist, Scott Borg. California-based cyber risk modeling firm Cyence put the total economic damage at $4bn, citing costs associated with businesses interruption. US President Donald Trump on Friday night ordered his homeland security adviser, Tom Bossert, to convene an "emergency meeting" to assess the threat posed by the global attack, a senior administration official told Reuters. Senior US security officials held another meeting in the White House Situation Room on Saturday, and the FBI and the NSA were working to help mitigate damage and identify the perpetrators of the massive cyber attack, said the official, who spoke on condition of anonymity to discuss internal deliberations. The investigations into the attack were in the early stages, however, and attribution for cyber attacks is notoriously difficult. The original attack lost momentum late on Friday after a security researcher took control of a server connected to the outbreak, which crippled a feature that caused the malware to rapidly spread across infected networks. Infected computers appear to largely be out-of-date devices that organisations deemed not worth the price of upgrading or, in some cases, machines involved in manufacturing or hospital functions that proved too difficult to patch without possibly disrupting crucial operations, security experts said. Microsoft released patches last month and on Friday to fix a vulnerability that allowed the worm to spread across networks, a rare and powerful feature that caused infections to surge on Friday. Code for exploiting that bug, which is known as "Eternal Blue," was released on the internet last month by a hacking group known as the Shadow Brokers. The head of the European Union police agency said on Sunday the cyber assault hit 200,000 victims in at least 150 countries and that number would grow when people return to work on Monday.'We are deploying all covert and overt means available to us' @NCA_LynneOwens gives NCA statement on #cyberattacks
https://t.co/CneOm2ptBx— NationalCrimeAgency (@NCA_UK) May 14, 2017
Monday morning rush?
Monday was expected to be a busy day, especially in Asia, which may not have seen the worst of the impact yet, as companies and organisations turned on their computers. "Expect to hear a lot more about this tomorrow morning when users are back in their offices and might fall for phishing emails" or other as yet unconfirmed ways the worm may propagate, said Christian Karam, a Singapore-based security researcher. The attack hit organisations of all sizes. Renault said it halted manufacturing at plants in France and Romania to prevent the spread of ransomware.Thousands of #Ransomware #CyberAttacks worldwide#CyberSecurity #BCAW2017https://t.co/2ERizts7LH … pic.twitter.com/eEzl8FtGwm— Thanos Mitsakos MBCI (@TMitsakos) May 12, 2017Other victims include is a Nissan manufacturing plant in Sunderland, northeast England, hundreds of hospitals and clinics in the British National Health Service, German rail operator Deutsche Bahn and international shipper FedEx Corp. A Jakarta hospital said on Sunday that the cyber attack had infected 400 computers, disrupting the registration of patients and finding records. Account addresses hard-coded into the malicious WannaCry virus appear to show the attackers had received just under $32,500 in anonymous bitcoin currency as of (1100 GMT) 7am EDT on Sunday, but that amount could rise as more victims rush to pay ransoms of $300 or more. The threat receded over the weekend after a British-based researcher, who declined to give his name but tweets under the profile @MalwareTechBlog, said he stumbled on a way to at least temporarily limit the worm's spread by registering a web address to which he noticed the malware was trying to connect. Security experts said his move bought precious time for organisations seeking to block the attacks.
Also Read: Next cyber attack could be imminent, warn experts
