Published: Mon, May 15, 2017
Hi-Tech | By Ellis Neal

What is WannaCry ransomware?


"It seems that a lot of internet security guys over the weekend did their homework and ran the security software updates", Op Gen Oorth told AFP.

Railway stations, mail delivery, gas stations, hospitals, office buildings, shopping malls and government services also were affected, China's Xinhua News Agency said, citing the Threat Intelligence Center of Qihoo 360, a Chinese internet security services company.

Patients arriving at Dharmais Cancer Hospital had to wait several hours while staff worked with paper records.

"We've seen no impact in the health system which is important, we've had no reports of any government agencies impacted by this... unfortunately there are some very smart and bad people out there who spend their times trying to make things worse for us, and this is not game over". Because numerous computers impacted run older Windows systems like XP, Microsoft issued a rare patch for XP, which it had stopped updating more than three years ago.

Tempting as it may be in order to resolve your crisis quickly, law enforcement and cybersecurity experts don't recommend paying the ransom. "It's like after a robber enters your home. If someone kidnaps your child, you may pay your ransom but there is no guarantee your child will return".

Now the "kill switch" discovered by MalwareTech appears to be holding, although it seems reasonable to assume that variants of the virus without the kill switch will begin circulating soon, and indeed Danish security firm Heimdal Security believes they already are.

On affected computers, the WannaCry software encrypts files and displays a ransom message demanding $300 in bitcoin.

Just one person in an organization who clicked on an infected attachment or bad link, would lead to all computers in a network becoming infected, said Vikram Thakur, technical director of Symantec Security Response.

The attack has hit more than 200,000 victims across the world since Friday and is seen as an "escalating threat", said Rob Wainwright, the head of Europol, Europe's policing agency.

"We're talking about a small number of companies", a senior DHS official said.

Microsoft's president and top lawyer said Sunday that the ongoing cyberattacks - which experts are calling the largest in history - should be a "wake-up call" for governments.

In this context it's perhaps worth remembering that a year ago Apple came under tremendous pressure to create a special version of iOS for the USA government, under the promise that it would never escape their safe hands and get into the wild.

It's believed a group connected to the National Security Agency, known as The Equation Group, found or purchased previously undiscovered flaws in Microsoft Windows code and used them to create cyber-snooping and infiltration tools.

It was too early to say who was behind the onslaught, which struck 100,000 organizations, and what their motivation was, aside from the obvious demand for money. Instead of having to develop their own arsenals of cyberweapons, they simply had to repurpose work done by the highly skilled cyber experts at the NSA, said Phillip Hallam-Baker, principal scientist at the cybersecurity firm Comodo.

"Right now, just about every IT department has been working all weekend rolling this out", said Dan Wire, spokesman at Fireeye Security. Patched computers carry a much lower risk of being infected by malware or ransomware than those without an update.

Like this: