The malicious “ransomware” attacks that seized computers worldwide Friday and held those systems hostage are likely to worsen this week as millions of people return to work — forcing them to discover the hard way whether they have been affected, security analysts said.
With much of the world still reeling from the digital breach that prevented people from receiving hospital care, a second wave of what European officials have called “the biggest ransomware attack ever” could be devastating.
“They’re going to turn on their computers in the morning and find out if they were protected or not,” said James Barnett, a security expert at Venable and retired Navy rear admiral.
The software, which first affected Britain’s National Health Service before spreading to as many as 150 countries, locked down victims’ computers and threatened to delete their files unless they paid $300 in bitcoins. It primarily targeted users of Windows XP, an aging operating system for which Microsoft largely ended support in 2014.
Much of the potential damage from Friday’s attack was quickly contained by the efforts of a 22-year-old security researcher, who goes by @MalwareTechBlog on Twitter. The researcher discovered that the unnamed attackers had accidentally included a “kill switch” in their software that would allow the owner of a particular website to stop the attack. By paying about $10 to acquire the domain name, the researcher was able to thwart the malware.