Acronis True Image
formerly Acronis Cyber Protect Home Office

As you probably already know, a massive cyberattack hit countries across the globe. Tens of thousands of ransomware attacks flooded IT systems around the world Friday, and these attacks continued to spread throughout the weekend. As of Tuesday morning, this infection had spread to 150 countries and hundreds of thousands of computers.

The ransomware is called “WannaCry,” and it locked down computers and demanded online payment Bitcoin in order to regain access. Its point of access is a vulnerability in Microsoft’s file-sharing network protocol. So far, more than $75,000 in ransom has been paid to remove the infection.

Victims have seven days to pay the ransom or else their data will be destroyed. Every few days, the ransom amount doubles.

This attack took the world by storm and proved just how vulnerable our devices can be. It tested the security of the world’s top institutions—and defeated many of them. So who are some of these victims?

RELATED: What is Ransomware?

NHS

One of the first documented victims of the WannaCry attack was the UK’s National Health Service, which adversely affected hospitals across the UK. Patient appointments were cancelled and ambulances were diverted as a result of the attack. Throughout the weekend, these hospitals were still feeling the effects of the attack, according to the BBC.

60 NHS trusts were hit by the attack, and on Monday 11 of them were still having problems. Planned services have been reduced, surgery and outpatients appointments cancelled. These hospitals are still open for emergency services, however.

Past cyberattacks on the NHS have led officials to believe that "external cyber threat is becoming a bigger consideration,” and that there is a "lack of understanding of security issues" within the NHS. There are questions as to whether these hospitals were using updated software, or if they had been regularly backing up their systems.

As the NHS continues to pick up the pieces after this attack, it is important that they also take a long look at their current data protection strategies to ensure an attack of this magnitude doesn’t affect them or their patients again anytime soon.

Deutsche Bahn

Deutsche Bahn computers were affected by Friday’s ransomware attack, and rail services were disrupted as a result, according to the Telegraph.

The ransomware known as WannaCry, using tools that came from the NSA, infected computers and demanded $300 in ransom. These demands were displayed on infected computers and even showed up on display screens at train stations.  

Acronis
deutschebahn WannaCry

Deutsche Bahn's display affected by WannaCry ransomware. Source: @tusharvartak

"Due to a Trojan attack there are system failures in various areas,” the company said in a statement. The company worked throughout the weekend to try and resolve the issue.

While companies across the country continue to try and fix their infected systems, Microsoft is planning on rolling out automatic Windows updates to defend against this ransomware and protect them from the file-sharing protocol exploit.

Renault

Another confirmed victim of the WannaCry attack is French carmaker Renault. according to France 24.

Ransomware hit the carmaker on Friday, causing it to shut down several sites to ensure the infection wouldn’t spread to other computers within the company. A spokesperson said they should back up and running on Monday.

This is the first major company in France to report being infected by this ransomware.

“Measures are being put in place to stop the spread of the virus; it’s the first step. We’re seeking to have a global vision to see which sites have been affected,” said a Renault spokesperson.

As of today, the car giant was back up and running at normal operations. But most victims of this attack have not been so lucky, and continue to face disruptions even now. 

Nissan

Another carmaker targeted was Nissan, according to the Mirror. Nissan’s manufacturing plant in Sunderland was affected by this attack.

"Like many organizations, our UK plant was subject to a ransomware attack affecting some of our systems on Friday evening. Our teams are working to resolve the issue," a spokesperson for the plant said.

Production was temporarily halted as a result of the attack. It is not yet known if production was halted due to the attack affecting its systems, or as a precaution. They plan to be up and running again by Monday.

Russian Railways

Russian Railways was another company affected by the WannaCry ransomware over the weekend, according to RT.

In a statement to the TASS news agency, the company said, “The IT system of Russian Railways has been attacked by a virus. The virus has been isolated. The work to eliminate it and upgrade anti-virus protection is currently underway.”  

Acronis
WannaCry Ransomware

Rassian Railways control room affected by WannaCry ransomware. Source: @0xUID

This attack did not cause disruption to services, the company says, though the effects could be seen through faults in ticket machines and display screens.

There were reports that Russian banks were also hit by this attack, though they have released statements stating that their networks were not compromised.

Telefónica

Spanish telecommunications giant Telefónica has reported disruptions as a result of Friday’s massive cyberattack, according to Fortune.

According to officials, the ransomware attack didn’t impact the provision of services or networks. Instead, internal networks and computers were affected. No clients were affected as a result of this attack.

"Seeing a large telco like Telefonica get hit is going to get everybody worried. Now ransomware is affecting larger companies with more sophisticated security operations," said Veracode Chief Technology Officer Chris Wysopal.

Other companies across the country were urged to take extra security precaution after news of this attack spread. Experts at Telefónica immediately went to work trying to fix affected computers.

It is not clear how many other Spanish companies were affected by the WannaCry ransomware. But to make sure that this ransomware doesn’t spread, and that a new attack doesn’t take the world by surprise once more, it’s important to integrate a comprehensive data protection solution into your IT departments. And with Acronis’ ransomware-fighting tool known as Active Protection, you can rest assured your data will be safe from future ransomware attacks.

About Acronis

A Swiss company founded in Singapore in 2003, Acronis has 15 offices worldwide and employees in 50+ countries. Acronis Cyber Protect Cloud is available in 26 languages in 150 countries and is used by over 20,000 service providers to protect over 750,000 businesses.

More from Acronis