A worldwide cyberattack affected 200,000 computers this weekend in 150 countries, but an official with the Department of Homeland Security says only a limited number of U.S. companies were hit.
However, another attack could be on the horizon according to a local cybersecurity expert.
"These people went through great lengths to create this malicious software so it would be foolish to assume this is their only attempt to do so," said Alex Holden, the chief information security officer at Hold Security LLC.
He says the malware affecting computers this weekend, known as WannaCry, came in the form of phishing emails and affected only Microsoft computers.
"It's using a known weakness in the Microsoft operating system that had been discovered several months ago and had been fixed but not every single system had been patched for that vulnerability," Holden said. "So this malicious software is taking advantage of that vulnerability attacking its victims and encrypting the data on the hard drive. When your data is encrypted, it's asking for money to decrypt it and if you don't pay, your data stays encrypted or gets deleted."
The attack began Friday spreading rapidly through European countries. But by Saturday morning, someone found a way to stop the virus from spreading.
One of those individuals is a Security Research Engineer in Michigan named Darien Huss.
"It really did not take long to figure out there was a kill switch feature in it," said Huss, who worked with another researcher in the U.K to disable the malware. "This is probably one of the largest and widespread cyberattacks in the last 10 years. The individual or individuals responsible for this aren't very sophisticated. It feels really amateur hour to me."
FedEx was one of a limited number of U.S. companies affected by the attack, saying in an emailed statement Monday, "FedEx has resumed normal operations and systems are performing as designed."
But Holden says the hackers likely aren't done yet.
"They most likely are regrouping right now trying to organize a second or third attack that would be much more difficult to stop," he said.
A Microsoft update released earlier this year protects computers from the breach but Holden says the hackers took advantage of those who hadn't yet installed it.
"Unfortunately, as soon as your data is encrypted and you're being extorted for the money, it's too late," he said. "There's no known way to decrypt the data without paying the ransomer."
He said having reliable backups for all of your data is a good preventative measure if this virus hits your computer. Holden recommends everyone with Microsoft run any available updates as soon as possible.
He also warned against potential scammers who could use the cyberattack as a way to extort money from victims, by offering to fix their computers.
Be sure and watch TODAY'S TMJ4 on Roku! We are the only station in Milwaukee to provide the latest news, weather and sports on the device. Search for us on Roku today!
