Iran’s Cyber Police warn that the “ransomware,” which has affected countless computer systems worldwide, has reached some systems inside the country, urging preemptive measures to prevent it from spreading further.
Colonel Hossein Ramezani, the police’s chief of international and legal affairs, made the remarks to Islamic Republic of Iran Broadcasting (IRIB) on Saturday.
The attack, which started on Friday, has been holding hospitals and other entities hostage by freezing computers, encrypting their data and demanding money through online bitcoin payment — $300 at first. It threatens the victims with destroying the data if they fail to pay up, and raises the ransom to $600, the longer they delay to do so.
It has caused Microsoft to put up some of its security fixes for free, and Ramezani urged IT authorities to update their operating systems as soon as possible.
He said the malware, known as “WannaCry,” has stricken computer systems in 70 countries, and described its main target as health systems, transportation hubs, and the service industry.
He said the attack did not have any specific targets. The hackers staging the onslaught, the official said, have broken ranks with a foreign intelligence service, apparently referring to the National Security Agency (NSA) of the United States.
They trick victims into opening harmful attachments to spam emails that appear to contain invoices, job offers, security warnings and other legitimate files.
On Saturday, the attack crippled Britain’s hospital network. A researcher has, meanwhile, reportedly found a “kill switch” in the software’s code.
Brigadier General Gholamreza Jalali, the head of Iran’s Passive Defense Organization, said the body was ready to provide the means for enabling retrieval of the information that the country’s establishments or institutions may have lost to the attack.
“Given that the US is not among the targets of the attack, which has mainly hit East European countries, one could consider the source of the attack to be the United States,” Jalali said.
The international websites tracking the toll afflicted by the ransomware on various countries, he said, place Iran in the 15th place.
He also advised that affected computers be cut off from their networks, and the Cyber Police and the Cyber Defense Command be notified to stem the malware’s spread.