In the 24 hours following the attack, at least 75,000 systems were affected. By Sunday, the executive director of Europol, the European Union’s police agency, said that 200,000 computers had been hit, many of which belong to some of the largest institutions and government agencies in the world. Experts speculate that big organizations were particularly vulnerable to attack because of their outdated technology. The NHS, for instance, has been known to rely on out-of-date and unprotected software that made it highly susceptible to a malware infection.
Last week in the U.S., President Trump signed an executive order designed to protect the nation from cybersecurity risks, with a focus on modernizing the federal government’s aging IT systems. On Sunday, a senior U.S. administration official told Reuters that Trump called an emergency meeting Friday night to assess the threat of the cyberattack, with the White House conducting a second meeting on Saturday to determine the perpetrators.
On Saturday, Europol called the hacking “unprecedented,” while U.S. security expert Rich Barger told Reuters it was “one of the largest global ransomware attacks the cyber community has ever seen.” In Spain, the nation’s biggest telecommunications firm, Telefonica, was hacked alongside a Spanish electric utility company, Iberdrola, and a utility provider, Gas Natural. In the U.S., FedEx reported that some of its Windows computers had been hacked. And in Russia, 1,000 computers were infected at the nation’s interior ministry. The ministry later reported that the virus had been handled and no sensitive information was compromised.
Other victims of the attack include the German railway company Deutsche Bahn and a Nissan manufacturing center in the north of England. The French car manufacturer Renault was also forced to temporarily shut down one of its plants in Slovakia. Amid speculation on social-media, China’s official news agency, Xinhua, revealed that some of the nation’s companies, secondary schools, and universities had been affected as well.
How was such a massive, coordinated attack possible? On Friday, infected computer systems around the world received emails demanding ransom payments of $300 to $600 in the form of bitcoin to unlock their devices. With users around the world delivering payments in order to prevent their files from being erased, the hackers stand to gain up to $1 billion, The New York Times reported Saturday.
Many experts believe the attackers relied on a tool developed by the U.S. National Security Agency to breach Microsoft’s Windows software. In April, a group known as the “Shadow Brokers” released the stolen malware online in political protest. According to an emailed statement from Don Foster, the senior director of solutions marketing at Commvault, a U.S. data-protection company, “ransomware has proved to be one of the most effective ways to infiltrate an organization.”