An unprecedented cyber-attack called WannaCry that has infected over 120,000 computers in some 100 countries also affected Romania’s biggest carmaker Dacia, which had to shut down some of its production lines and send some of its employees at home on Saturday morning. Dacia’s parent-group Renault has also been affected by the attack.

“Part of the production activities at the Dacia plant in Mioveni were affected by malfunctions in the IT systems and several employees were sent back home on Saturday morning, May 13. The measure was taken to prevent the expansion of the malfunctions, which, at first glance, seem to be a consequence of the global cyber-attack,” Renault Group Romania announced on Saturday.

The company has also set a crisis cell to monitor how this situation unfolds.

The global cyber-attack, which has been called “unprecedented” by Europol, has also affected hospitals in Britain and Spanish telecom operator Telefonica, as well as courier service FedEx in the US, according to Financial Times.

WannaCry is a ransomware attack which exploits a vulnerability of the Microsoft Windows operating system. Once installed on the infected computer, the virus encrypts the users’ files and demands payment in bitcoin to allow the victims to access their data.

While most ransomware attacks spread via malicious e-mail attachments, browser and third-party exploits in web-facing applications, WannaCry automates the exploitation of a vulnerability called MS17-010 that is present in most versions of Windows, according to Romanian cyber security group BitDefender. "This flaw allows a remote attacker to run code on the vulnerable computer and use that code to plant ransomware without anybody having to click malicious links or recklessly open e-mail attachments."

"This vulnerability has become public along with the release of a series of other hacking techniques allegedly used by the US government agencies to spy on citizens. It has subsequently been weaponized and added in the commercial malware circuit, thus causing widespread havoc and forcing businesses to shut down in order to protect their assets," according to the BitDefender blog.

Russian antivirus producer Kaspersky announced that its protection systems have identified at least 45,000 infection attempts with this type of ransomware, in 74 countries. Romania was among the ten most affected countries, according to Kaspersky.

Apparently, both Kaspersky and Bitdefender anti-viruses are effective in removing this type of attack, as security experts recommend users who have their computers infected not to pay the ransom.

Romania enters top 10 countries with most command and control servers for DDoS attacks

editor@romania-insider.com