Cyber attack using stolen NSA tools sweeps nations

It was first reported from Sweden, Britain and France, but Russia and Taiwan 'worst hit': US media

Scores of countries and several multinational companies were hit by a massive cyber attack which, experts said, was carried out with the help of tools stolen from the National Security Agency (NSA) of the United States.

The cyber attack was first reported from Sweden, Britain and France, but countries like Russia and Taiwan are said to be worst hit, U.S. media outlets reported.

US Computer Emergency Readiness Team (USCRT), under the Department of Homeland Security, said it had received multiple reports of WannaCry ransomware infections in many countries around the world. It however, did not identify the countries.

Ransomware is a type of malicious software that infects a computer and restricts users' access to it until a ransom is paid to unlock it.

Individuals and organisations are discouraged from paying the ransom, as this does not guarantee access will be restored, USCERT has said.

Ransomware spreads easily when it encounters unpatched or outdated software.

"The WannaCry ransomware may be exploiting a vulnerability in Server Message Block 1.0 (SMBv1)," the USCRT said.

According to The Wall Street Journal, the malware is believed to be behind the attacks encrypt data on infected computers and essentially hold it for ransom.

"Known as WannaCry or Wanna Decryptor, the so-called ransomware program homes in on vulnerabilities in Microsoft Windows systems," the daily said.

Massive peak in attacks

In a statement, Avast Threat Lab said it had observed a massive peak in WanaCrypt0r 2.0 attacks, with more than 36,000 detections, so far.

In a statement, FedEx said it had been badly hit by the cyber attack.

"Like many other companies, FedEx is experiencing interference with some of our Windows-based systems caused by malware. We are implementing remediation steps as quickly as possible," it said.

"This event should serve as a global wake-up call — the means of delivery and the delivered effect is unprecedented," Rich Barger, director of threat research at security firm Splunk, said in a statement.