A massive cyberattack has broken out worldwide, with computer networks in Ukraine and Russia the hardest hit, and the rest of Europe and North America quickly following. This attack, like most recent attacks, is based on an NSA-developed exploit called EternalBlue.
The attack is in the form of ransomware which encrypts the computer’s hard drive, and then offers to unlock the computers for approximately $300 in bitcoins. The contact email for the ransomware has already been shut down by the email provider, however, meaning there is no way for people to actually pay the ransom.
The attack was first reported in sites around Kiev, and quickly spread. It was incorrectly identified as a new version of the Petya ransomware which had been around for some time, though Kaspersky Lab quickly corrected that, pointing out it was a new software never seen before, and naming it “NotPetya.”
The exploit rests on a flaw in Microsoft’s implementation of the SMB version 1.0 protocol, though Microsoft released a patch back in March for all current Windows operating systems. There are still clearly a lot of organizations that haven’t gotten around to installing it, however, as this is the latest in a string of major attacks using the NSA-developed exploit.