With the clock ticking on whether a global hacking attack would wipe out his data, Bolton Jiang had no intention of paying a 21st-century ransom.
Since a week ago, when the malware first struck, Mr. Jiang has been busily fixing and replacing computers at the electronics company where he works in Shanghai. Paying is a bother, he said, and there was no guarantee he would get his data back.
“Even if you do pay, you won’t necessarily be able to open the files that are hit,” he said. “There is no solution to it.”
Tens of thousands of computer users around the world faced the same dilemma on Friday, their last chance to pay the anonymous hackers behind the ransomware attack known as WannaCry. The malicious software exposed the widespread vulnerability of computers and offered a peek at how a new type of crime could be committed on a global scale.
As part of the hacking, attackers demanded that individuals pay a fee to regain control of their machines, or face losing their data.
The latest strain of ransomware was particularly virulent, experts warned, because it had been based on software stolen from the National Security Agency. Law enforcement agencies in the United States and elsewhere have been hunting for the culprits, with attention focused on hackers linked to North Korea.
Despite a week of widespread disruption, the total ransom paid so far looks relatively modest. An online tracking system showed that the amount sent in the electronic currency Bitcoin to accounts listed by the attackers had begun to plateau on Wednesday, and had reached about $90,000 on Friday afternoon in Europe. Early estimates of what the virus could ultimately earn had ranged into the tens of millions or even hundreds of millions of dollars. Victims have seven days to pay from when their computers were originally infected, so the deadline will vary from case to case.
A number of people and companies have struck a defiant tone. The Japanese conglomerate Hitachi, which had been identified in the news media as a victim, declined to confirm those reports on Friday but said that it had no intention of paying a ransom and that it aimed to be fully secure against future attacks by Monday.
Nissan Motor, another Japanese industrial giant, also said it would not pay a ransom. Its factory in Sunderland, England, was affected, but the company said it had not lost data.
Owners of the more than 200,000 computers across the globe that have been hit by the malware face similar decisions. Those affected, including hospitals, government offices and universities, have lost access to business information, term papers and even medical records that could involve matters of life or death.
In Britain, whose National Health Service was one of the largest organizations affected by the ransomware, some medical institutions were still struggling to get back on their feet.
Barts Health, one of the country’s largest hospital groups, said that it had been forced to cancel 20 percent of outpatient appointments, as well as to cut back on nonemergency surgeries.
Yet cybersecurity experts have generally advised those affected not to pay.
“It costs the perpetrators peanuts to carry out an attack like this,” said Rafael Sanchez, an international breach response manager at Beazley, an insurer in London that has handled thousands of ransomware attacks for corporate clients. “And any ransom will only likely lead to more attacks,” he added.
While some who had paid regained access to their files, according to the Finnish cybersecurity firm F-Secure, security analysts cautioned that there was no guarantee all WannaCry victims would. Because the attackers listed only three addresses as payment destinations, it would be difficult for them to determine which victims had paid, and therefore whose files to decrypt.
“It looks like the attackers had no intent in decrypting anything,” said Tom Robinson, co-founder of Elliptic, a company in London that tracks online financial transactions involving virtual currencies and helps organizations respond to digital attacks.
As victims faced an agonizing choice on Friday over whether to pay or risk losing their data, cybersecurity experts said that they had developed a potential way to decrypt individual machines without having to hand over the ransom. The technique, however, depended on how long infected computers had been hijacked by the online attackers, and required a high level of technical expertise.
According to law enforcement agencies, paying could leave victims vulnerable to being targeted again, and it also presents a challenge for people affected who have never used Bitcoin before.