The Finnish Communications Regulatory Authority reports that the ransomware wreaking havoc around the world called WannaCry has been detected in Finnish systems.
The malicious ransomware also going by the name WanaCrypt0r has corrupted systems in at least 74 countries. The attacks have struck organisations like the British National Healthcare Service and Russian banks, telecommunications companies and the Interior Ministry.
The ransomware targets Windows operating systems. Once installed, the software locks the computer and demands 300 US dollar ransom to be paid in bitcoin within six hours.
Organisations at risk are those who have neglected updates to their cyber security settings.
Jussi Eronen, Chief Information Security Advisor at the Finnish Communications Regulatory Authority says some tens of cases have arisen in Finland.
“We’d like to keep the number as it is,” Eronen says.
“Now is a time to bring operating systems up to date, especially since Microsoft released updates for Windows (Server) 2003 and XP systems.”
Microsoft issued an additional update to the XP operating system late Friday night because of the security breach.
”The situation is under control.”
Chief Research Officer at F-Secure Mikko Hyppönen estimates this series of cyber-attacks is unprecedented in size and dissemination. The situation, however, is under control in Finland.
“WannaCry took advantage of a vulnerability in an update that was issued mid-March, with the exception of some older operating systems like the XP that are not updated anymore. This is why we’re seeing such massive geographical differences. Finnish organizations use systems that are newer and more frequently operated than in other countries,” Hyppönen says.
Home users can rest assured, as Hyppönen says the ransomware only affects business networks, as it spreads through internal file staring.
In a worst case scenario, WannaCry would issue out updates of its own to attack new vulnerabilities. Hyppönen says this would be a relatively easy thing to do.
”At the moment we suspect the group behind the attacks were taken aback how quickly the spyware spread. I’m guessing they might keep a low profile for the time being,” Hyppönen says.