Yesterday’s worldwide ransomware cyber attack that targeted computers running the Windows operating system affected at last 500 Mexican banking, communications and retail firms, say experts.
Called WannaCry, the malicious program attacked the United Kingdom’s National Health Service, Spanish telecommunications firm Telefónica and computers in hundreds of countries, locking them up and demanding a ransom.
In Mexico, the director of technological innovation of Trend Micro, a multinational security software company, told the newspaper El Universal that no specific business sector was targeted. But among the targets were banks and telecommunications and retail companies, said Juan Pablo Castro, director of innovation technology.
At least 500 organizations were affected in Mexico, a number that could yet increase, according to the Latin America research and analysis director at Kaspersky Lab, a multinational cybersecurity and anti-virus provider.
“Even if Mexico is not among the most affected [countries], many firms choose to deny they were targeted, attempting to protect what they call prestige,” said Dmitry Bestuzhev.
Federal Police technology experts told a different story. They said in a statement yesterday that “no attacks from this virus have been detected so far in Mexico.”
A ransomware attack encrypts all the content on a targeted computer. The user is then held at the mercy of the hijackers, who usually demand a money transfer before allowing the former to retrieve their information.
On this occasion, a payment of around US $300 was demanded via Bitcoin, a cryptocurrency and digital payment system.
Bestuzhev told CNN Expansión that his company detected the first instance of the WannaCry attack on Monday, targeting a financial institution in Peru.
“We managed to contain the malicious software, and to keep it from spreading.”
What Kaspersky Lab couldn’t foresee was that the attack would return, targeting hundreds of countries.
Trend Micro’s Castro said that Microsoft Corporation was alerted to vulnerabilities in its operating system two months ago and that the pertinent updates and security patches were published, “but it wasn’t enough.”
Medium to large companies can take up to 90 days to fully update their machines, giving attackers enough time to target the insecure computers, he explained.
He also recommended that affected users not pay the ransom because there is no way of knowing if the lost data will actually be restored.