The “ransomware” cyberattack that has hit companies and governments around the world ebbed in intensity today, though experts warned that new versions of the virus could emerge. Thousands more infections were reported today, largely in Asia, which had been closed for business when the malware first struck Friday. The cases were more contained, however, than the systemic outbreak that last week paralyzed computers running factories, banks, government agencies and transport systems around the world. Many of the 200,000 victims in more than 150 countries were still struggling to recover from the first attack of the so-called “WannaCry” virus.
Carmaker Renault said one of its French plants, which employs 3,500 people, wasn’t reopening today as a “preventative step.”
Britain’s National Health Service said about a fifth of NHS trusts â€” the regional bodies that run hospitals and clinics â€” were hit by the attack on Friday, leading to thousands of canceled appointments and operations. Seven of the 47 affected trusts in England were still having IT problems that disrupted services today. Thirteen health bodies in Scotland that were hit were up and running today, Scottish First Minister Nicola Sturgeon said.
As cybersecurity firms worked around the clock to monitor the situation and install a software patch, new variants of the rapidly replicating malware were discovered yesterday. One did not include the so-called kill switch that allowed researchers to interrupt the malware’s spread Friday by diverting it to a dead end on the internet.
Ryan Kalember, senior vice president at Proofpoint Inc., which helped stop its spread, said the version without a kill switch could spread. It was benign because it contained a flaw that prevented it from taking over computers and demanding ransom to unlock files but other more malicious ones will likely pop up.
“We haven’t fully dodged this bullet at all until we’re patched against the vulnerability itself,” Kalember said. Lynne Owens, director-general of Britain’s National Crime Agency, said there was no indication of a second surge of the cyberattack, “But that doesn’t mean there won’t be one.” Tim Stevens, a lecturer in global security at King’s College London, said the incident should be a wakeup call to both the public and private sectors to incorporate security into computer systems from the ground up, rather than as an afterthought.