Published: Пт, Мая 19, 2017
Health | By Jay Jacobs

WannaCry ransonmware attack slows globally; Microsoft says cybersecurity is a shared responsibility

WannaCry ransonmware attack slows globally; Microsoft says cybersecurity is a shared responsibility

The ransomware attack was particularly malicious, because if just one person in an organization clicked on an infected attachment or bad link, all the computers in a network would be infected, said Vikram Thakur, technical director of Symantec Security Response.

As a ransomware program, WannaCry itself is not that special or sophisticated.

The worldwide "ransomware" cyberattack spread to thousands of more computers on Monday as people logged in at work, disrupting business, schools, hospitals and daily life, though no new large-scale breakdowns were reported.

The health service has been criticised for using the outdated Windows XP operating system to store digital information, despite security updates for the software having been discontinued by Microsoft.

In a blog post late Sunday, Microsoft President Brad Smith appeared to tacitly acknowledge what researchers had already widely concluded: The ransomware attack leveraged a hacking tool, built by the U.S. National Security Agency, that leaked online in April.

Meanwhile, Irish hospitals suspected of being hit by the global cyber attack had been targeted by a different, older virus, health chiefs have revealed.

Shortly after registering the domain, MalwareTech discovered that "our registration of the domain had actually stopped the ransomware and prevent the spread". However, a hacker could rewrite the code to omit the kill switch and start trying to infect new machines with a new version of it. This led researchers to conclude that it's likely not the work of the original authors.

WannaCry, which has quickly spread through Europe and Asia in just a matter of hours took advantage of the Windows operating system's vulnerability in its file-sharing protocol.

It has attacked hundreds of thousands of computers, security experts say, from hospital systems in the United Kingdom and a telecom company in Spain to universities and large companies in Asia.

Executives in charge of security should immediately warn employees against opening any suspicious Word documents and apply patches to any legacy Windows systems to avoid falling victim to a ransomware attack that is sweeping the globe.

Security firm BinaryEdge, which specializes in internet-wide scans, has detected more than 1 million Windows systems that have the SMB service exposed to the internet. However, companies that failed to download a patch issued by Microsoft in March may have trouble filing a claim with their insurance company.

"MeitY has initiated contact with relevant stakeholders in public and private sector to "patch" their systems as prescribed in the advisory issued by CERT-IN". The path to upgrading things hasn't been as rapid in places like China and Russian Federation.

You've probably heard about the ransomware attack affecting organizations' computer systems around the world. Microsoft has tried to convince companies to stop using SMBv1 for some time, as it has other problems aside from this flaw. They still might have to in case of a second round.

The success of WannaCry, at least as far as rapid distribution is concerned, has proved to cybercriminals there are many vulnerable systems on enterprise networks that can be targeted through old exploits. "We need governments to consider the damage to civilians that comes from hoarding these vulnerabilities and the use of these exploits". And this most recent attack represents a completely unintended but disconcerting link between the two most serious forms of cybersecurity threats in the world today - nation-state action and organized criminal action.

Like this: