Published: Sat, May 20, 2017
World | By Paul Elliott

China criticises US actions for hindering global effort to fight cyber crime

A researcher from Google posted on Twitter that an early version of WannaCry from February shared some of the same programming code as malicious software used by the Lazarus Group, the alleged North Korean government hackers behind the destructive attack on Sony 2014 and the theft of $81 million from a Bangladesh central bank account at the New York Fed previous year. Over the weekend, Microsoft rolled out a patch for Windows XP, Windows Server 2003 and Windows 8.

On Wednesday security firms Bitdefender and Proofpoint found hackers using the same exploit to spread cryptocurrency-mining malware called Adylkuzz. You've got up to three days to pay before it doubles to $600. Therefore, it's very likely that the number of victims of the cyber-attack in India is much higher than what has been reported so far as the majority of the computers in the country are still powered by Windows versions that the company no longer supports.

Never open attachments received in emails, even if from trusted sources. Ransomware is a type of malware ("malicious software") that infects a machine and holds your data hostage.

If you or your organization is running a version of Windows, you could be at risk.

But Scott Vernick, a data security lawyer at Fox Rothschild that represents companies, said he was skeptical that WannaCry would produce a flood of consumer lawsuits. "If we did stop it, there's like a hundred percent chance they're going to fire up a new sample and start that one again", he told the Daily Beast. American officials said Monday that they had seen the same similarities. Researchers highlighted the response of one participant who noted that Windows updates are available frequently - always the second Tuesday of every month, and occasionally in between those regular changes.

The latest ransomware was successful because of a confluence of factors. It affected any Windows computer without the Windows Patch MS17-010 that Microsoft released in March. Count on multi-level security, software update management, email monitoring and more. Also, unlike the other arms control treaties which have norms for regulating the conduct of non-state actors, in cyber space, there is hardly any distinction between state and non-state actors, especially when attacks are crowd-sourced-groups working together or separately to target a particular company or country at the behest of a state. If that is true, I wonder if NSA has any legal liabilities for damages? Microsoft then made its patch available to all XP users but many of those who didn't update immediately were caught out. However, it was these outdated ATM systems that were the least impacted.

"There's a lot of older Windows products out there that are "end of life" and nobody's bothered to take them out of service", said Cynthia Larose, a cybersecurity expert at the law firm of Mintz Levin. These two directives are incompatible in a global system: weaknesses exploited to attack an adversary are making the home networks equally vulnerable. System administrators should ensure that employees don't have unnecessary access to parts of the network that aren't critical to their work.

The Maharashtra Police department was also partially hit by the WannaCry ransomware. Shutting down a network can prevent the continued encryption - and possible loss - of more files.

Keep your computer up to date.

Back up your information before you're attacked. Many organizations without updated backups may decide that regaining access to critical files, such as customer data, and avoiding public embarrassment is worth the cost.

Researchers are keen to point out that more investigation is needed before any definitive conclusions can be drawn. However, data stolen from the infected computers can be sold in the black market for millions of dollars. Despite the global chaos that it caused, it appears that the ransomware yielded limited success-only $26,000 in ransom, or the approximate equivalent of 15 Bitcoins at the current exchange rate. But that's also a warning call for you to look at upgrading your computer - which probably isn't good news at planting time or with corn under $4, but your farm data is important and should be protected. Vista's extended support has expired in April 2017.

Like this: