MENA region largely unscathed in massive global cyber attack
Only Egypt in the MENA region appears in the top 20 of the most affected countries
The Middle East seems to have largely escaped the brunt of the massive ransomware attack that hit targets globally over the weekend.
Although security experts say the malware could still spread, most of the known victims are in Europe. Russia seems to have been the hardest hit with over 70% of targets known so far, although Telefonica of Spain and FedEx were affected. Meanwhile, medical operations at UK’s National Health Service (NHS) were disrupted as the organisations reeled from a large-scale attack on its IT systems.
Only Egypt in the MENA region appears in the top 20 of the most affected countries, with relatively few organisations falling victim.
The attack began on Friday, when cybercriminals tricked victims into opening malicious malware attachments to spam emails that appeared to contain legitimate invoices, job offers, security warnings etc., or what is known as social engineering.
The ransomware encrypted data on victim computers, demanding payments of $300 to $600 to restore access. A number of victims are known to have paid via the digital currency bitcoin.
According to Kaspersky Lab the attack, dubbed “WannaCry”, was initiated through a Server Message Block version 2 (SMBv2) remote code execution in Microsoft Windows. SMB is mainly used for providing shared access to files, printers, and serial ports among other applications.
The exploit was patched by Microsoft on March 14. It appears however that many organisations have not yet installed the patch.
The attackers seem to have employed hacking stolen from the U.S. National Security Agency and leaked by the Shadow Brokers group earlier this year.