Cyberattack Hits Ukraine Then Spreads Internationally<br />“The more bureaucratic an organization is, the higher chance it won’t have updated its software.”<br />Because the ransomware used at least two other ways to spread on Tuesday — including stealing victims’ credentials — even those who used the Microsoft patch could be vulnerable<br />and potential targets for later attacks, according to researchers at F-Secure, a Finnish cybersecurity firm, and others.<br />The new attack used the same National Security Agency hacking tool, Eternal Blue,<br />that was used in the WannaCry episode, as well as two other methods to promote its spread, according to researchers at the computer security company Symantec.<br />The attack is “an improved and more lethal version of WannaCry,” said Matthieu Suiche, a security researcher who<br />helped contain the spread of the WannaCry ransomware when he created a kill switch that stopped the attacks.<br />needs to take a leadership role in working closely with security and operating system platform vendors such as Apple and Microsoft to address the plague<br />that they’ve unleashed,” said Golan Ben-Oni, the global chief information officer at IDT, a Newark-based conglomerate hit by a separate attack in April that used the agency’s hacking tools.<br />At Kiev’s central post office, a few bewildered customers milled about, holding parcels<br />and letters, looking at a sign that said, “Closed for technical reasons.”<br />The hackers compromised Ukrainian accounting software mandated to be used in various industries in the country, including government agencies<br />and banks, according to researchers at Cisco Talos, the security division of the computer networking company.
