Cyber-attack guides promoted on YouTube

Cyber-attack guides promoted on YouTube

By Jon Ungoed-Thomas, Robin Henry and Dipesh Gadher May 14 2017, 12:01am, The Sunday Times

Friday’s cyber-attack hit more than 45,000 organisations in at least 99 countries

YouTube is providing a platform for criminals promoting and selling ransomware, the type of malicious software that wreaked havoc in the NHS.

Hackers are posting step-by-step guides on YouTube on how to build ransomware. They also provide links to websites where ransomware can be bought for as little as £16, with technical support on how to infect people’s computers.

Details of how ransomware is openly promoted and traded on the internet comes after a global cyber-attack hit more than 45,000 organisations in at least 99 countries. Forty-eight NHS organisations were hit, including about 30 hospital trusts.

As many as 70,000 NHS devices including computers, magnetic resonance imaging (MRI) scanners, blood-storage fridges and theatre equipment could have been affected.

As the devices failed, operations were halted mid-surgery and patients were left stranded in scanners, according to reports from clinical staff.

This weekend YouTube terminated a channel used by one hacker and pulled down other ransomware video guides after an investigation by The Sunday Times.

One hacker, Mohmmad Yahya, posted a video guide on how to make ransomware. Another YouTube user, Suddendox, posted a video on producing ransomware with a link to a site where it can be bought for $20.

NHS England said most of the hospitals hit by Friday’s attack were “running normally” by yesterday afternoon.

The Sunderland plant of the car maker Nissan was also affected but bosses said there had been no significant impact on its business.

Ciaran Martin, chief executive of the National Cyber Security Centre, said it was likely other victims of the attacks would emerge in the coming days.

It is understood the security services do not consider the attack to have been state-sponsored. One security expert said the malicious software looked like “the sort of thing someone had put together in their spare time”.

Jonathan Ashworth, shadow secretary for health, said the NHS had been unprepared for the attack and an independent inquiry was required to establish why repeated warnings were not properly acted on.

A YouTube spokesperson said: “YouTube has clear policies that outline what content is acceptable to post, and we remove videos violating these policies when we’re made aware of them, terminating the accounts of repeat offenders. In a small number of cases, ads appear where they shouldn’t and we act quickly to remove them.”


Comments

Popular posts from this blog

High-speed Hyperloop track ready for first trial run in Nevada

How the Fed went from lender of last resort to destroyer of American wealth

Apple leaps into AI research with improved simulated + unsupervised learning