In the past ten hours, there have been reports of more than 45,000 ransomware attacks in approximately 74 countries. These attacks appear to be using a leaked National Security Agency exploit, which attackers spread through a Microsoft (NASDAQ:MSFT) exploit called “EternalBlue.”
The cyberattack originated in the U.K., but became global within hours, with Twitter Inc (NYSE:TWTR) users sharing images of locked-up computer screens displaying a ransom message demanding $300 in bitcoin.
Hospitals and telecoms in the U.K. initially appeared among the primary targets, as confirmed by the NHS and Telefonica. It’s now believed, however, that the majority of attacks were targeting Russia.
The speed of the attack was helped by the nature of the infection, which used what’s known as a “hunter” module to scan the host network and basically jump from computer to computer within a network. According to a CNN report:
“… if your laptop is infected and you went to a coffee shop, it would spread to PCs at the coffee shop. From there, to other companies.”
The hackers — a group donning the moniker “Shadow Brokers” — used stolen NSA hacking tools to attack vulnerable targets that had yet to update their systems. In light of this, investors have flocked to cybersecurity stocks as the fallout of today’s attack will no doubt spur many companies to realize that the emperor has no clothes.
As of this writing, cybersecurity firm FireEye Inc. (NASDAQ:FEYE) is up 1.5%, while Palo Alto Networks Inc (NYSE:PANW) is up 72 basis points. No such luck for Cyberark Software Ltd (NASDAQ:CYBR), which is down 12% on dismal earnings.