The global cyberattack that took computer files hostage appeared to slow on Monday as authorities worked to catch the extortionists behind it — a difficult task that involves searching for digital clues and following the money.
Among their findings so far: The first suggestions of a possible link between the “ransomware” known as WannaCry and hackers linked to North Korea. Those findings remain quite tentative; one firm advancing them described them as intriguing but still “weak.”
Experts had warned that WannaCry might wreak renewed havoc on Monday, particularly in Asia, which was closed for business on Friday when the malware scrambled data at hospitals, factories, government agencies, banks and other businesses.
But while there were thousands of additional infections there, the expected second-wave outbreak largely failed to materialize, in part because security researchers had already defanged it.
President Donald Trump’s homeland security adviser said Monday that, so far, no U.S. federal systems have been affected by the global cyberattack.
Tom Bossert said the U.S. government has been closely monitoring the attack, which has affected an estimated 300,000 machines in 150 countries. He said a few U.S. businesses, including FedEx, were affected.
Local experts said Long Island seems to have evaded the brunt of the attack so far, though ransomware remains a concern here.
Chris Fidis, 58, owner of SEO Business Solutions, a cybersecurity company in West Hempstead, said he hasn’t been contacted by any Long Island clients about the recent cyberattack.
“But I’ve definitely helped plenty of clients deal with ransomware attacks in the past,” he said, including individuals and small businesses.
Steve Rubin, 43, a partner and co-chair of Garden City law firm Moritt Hock & Hamroff LLP, who specializes in cybersecurity cases, has helped companies ranging from health care to car dealerships and smaller law firms deal with legal fallout from ransomware attacks.
“Sometimes the data is encrypted so well that executives have had to make the difficult decision of paying the ransom amount on Bitcoin. It’s a horrible feeling,” he said.
Many current victims were still struggling Monday to recover from the first attack of the so-called WannaCry virus.
Carmaker Renault said one of its French plants, which employs 3,500 people, wasn’t reopening Monday as a “preventative step.”
On Monday, Chinese state media said 29,372 institutions there had been infected along with hundreds of thousands of devices.
With Daysi Calavia-Robertson