The ransomware attack, May 12, hit thousands of organizations across Europe and around the world, exploiting a vulnerability in the Windows XP operating system, causing thousands of systems to crash as IT engineers worked to fix the problem.
“As the European Cybersecurity Agency, we are closely monitoring the situation and working around the clock with our stakeholders to ensure the security of European citizens and businesses, and the stability of the Digital Single Market. We are reporting on the evolution of the attacks to the European Commission and liaising with our partners in the European Union CSIRT Network,” Udo Helmbrecht, Executive Director of ENISA, said.
However, the former head of the British intel agency GCHQ, David Ormand, criticized Microsoft, which had withdrawn support for XP.
“It would have been better if [the fix for XP] had been released a month earlier, when the company first became aware of the problem,” Omand wrote in a letter to the London Times newspaper, May 16.
ENISA and several European Member States are now working together to assess the situation at European level. A dedicated taskforce has been set up at ENISA to support what is the first ever case of cyber cooperation at EU level in that the EU Standard Operating Procedures, developed by ENISA and the Member States, are currently being used to this end.
“What makes this event unusual is that this attack impacted many organizations across the world in short period of time. Recent estimates, at this point in time, suggest that approximately 190,000 computers in over 150 countries have been affected. European Critical infrastructure operators (health, energy, transport, finance and telecoms), manufacturers and service providers have been affected,” ENISA said.
According to the EU law enforcement agency Europol, The European Cybercrime Center, within Europol is working closely with affected countries cybercrime units and key industry partners to mitigate the threat and assist victims.
“The recent attack is at an unprecedented level and will require a complex international investigation to identify the culprits,” Europol- headed by the UK’s Rob Wainwright — said in a statement.
Its Joint Cybercrime Action Taskforce (JCAT) — a group of specialist international cyber investigators specially designed to assist in such investigations — will play an important role in supporting the investigation.