This is a good lesson why you update your computers and phones when it tells you to.
An enormous cyber attack hit organizations and companies around the world Friday – hospitals in the UK, a leading Spanish phone company, FedEX in the U.S. according to NBC, plus targets in Russia, Ukraine and Taiwan.
What is it? A ransomware attack.
That's when some sort of malicious code works its way into a computer, then locks it up until the user agrees to pay up. One study from last fall found the average payment demand is $722, ZDNet reported. So it's not chump change.
This particular wave starts at $300, but the price goes up the longer you wait, Consumerist explains. And if you wait too long, it wipes your computer.
The scope is huge
In all, the avast cybersecurity blog says on Friday it's detected more than 75,000 instances of this particular ransomware attack – called WanaCrypt0r 2.0 – across 99 countries.
The attack is referred to as WannaCry, a Kaspersky researcher writes, and is taking advantage of an exploit in Microsoft Windows that was publicized by the hacker group Shadow Brokers in April, ArsTechnica reports.
"This is huge," tweeted avast malware researcher Jakub Kroustek.
"The Ransomware Meltdown Experts Warned About Is Here," WIRED's headline proclaims.
Here's the thing: There's a patch
Amid all this, it's important to note that Microsoft issued a patch fixing this specific exploit
But if you didn't download and install the update, you were left vulnerable.
The U.S. Department of Homeland Security put out a statement encouraging Americans to update their systems if you haven't already.
In case you ever find yourself at the end of a ransomware attack, bookmark this walkthrough on what to do – and not do – from Krebs on Security. (That's the guy who broke the Target data breach story.)