WannaCry Ransomware: Microsoft Calls Out NSA For 'Stockpiling' Vulnerabilities

Massive ransomware attack hits 74 countries

Massive ransomware attack hits 74 countries

WannaCrypt should be a wake-up call to the C-Suite that IT is not a black hole where the money goes to vanish.

That malware was behind the massive ransomware attack that started Friday, hitting more than 150 countries and 200,000 computers, shutting down hospitals, universities, warehouses and banks. Consider it an infosec masterclass. But a new version of the malware may already have been released, according to the head of the Europol, which helps the European Union fight crime and terrorism.

The NHS in the United Kingdom has become the poster-child victim of the cyberattack but, in truth, thousands of organisations were caught with their guard down.

So far, the culprits are unknown, as is the motivation.

While visualizations show that multiple Indian systems have been hit by the attack, only the Andhra Pradesh police has so far disclosed that some of its computers were hit.

Beware of unknown emails, especially if there are attachments or links. Once inside an organization's network, the malware behind the attack spread rapidly using this vulnerability.

"Or we could potentially see copycats mimic the delivery or exploit method they used", he said.

Oh, you will know.

After taking computers over, the virus displayed messages demanding a payment of $300 in virtual currency Bitcoin to unlock files and return them to the user.

Researchers will often tell you there's no ideal solution to a ransomware attack because there isn't any.

Nothing. Unless you have your files backed up, there is little you can do, except learn from the experience.

Installing Secure Email Gateway (SEG), to carry out URL filtering and make sure it's tuned correctly is also recommended along with patch endpoint, OSes and 3rd-party applications regularly.

In addition to Microsoft's Security Bulletin MS17-010 that patched the vulnerability in March, the company also issued a separate patch on Friday for users of older and unsupported operating systems such as Windows XP.

The hack wasn't just limited to computer systems in the UK.

The attack largely infected networks that used out-of-date software, such as Windows XP, which Microsoft no longer offers technical support for.

Yes, Microsoft has a point.

A hacker group - known as Shadow Brokers - obtained an arsenal of cyber warfare tools in April from the NSA, of which the USA agency called "Eternal Blue". "The first death directly attributable to a cyberattack suddenly seems possible", the Financial Times's Tim Bradshaw wrote Sunday. A decade ago, a virus weapon developed by the U.S. and Israel called Stuxnet went rogue and began attacking innocent utility companies.

Over the weekend new versions have emerged without the kill switch. Instead, some opportunist developers, who could be hackers themselves, spotted the leaks and added them to their own software and released them. The thawing may be partly credited to a 22-year-old researcher who found a "kill switch" that slows the spread of the virus by simply registering a website name, the Wall Street Journal reported. PwC warns that organisations should not block these domains and should ensure that their security providers do the same.

Attacks like the one now grabbing headlines throughout the world are minor compared to what security experts consider the biggest threat hackers pose to the U.S.: The ability to shut down massive parts of our nation's power grid.

"For Microsoft to say that governments should stop developing exploits to Microsoft products is naive", said Brian Lord, a managing director at PGI Cyber and former deputy director at the Government Communications Headquarters, one of the U.K.'s intelligence agencies.

The U.S. government clearly had its priorities wrong in not focusing on better protecting these cyberweapons, he said.

Recommended News

  • Destiny 2 Official Gameplay Reveal Trailer

    Furthermore, Destiny 2 sports detailed weapon models, vivid weather effects, and a host of enemies on screen. Bungie will also be hosting an open beta later in the summer so fans can check out the game before release.
    'Android Go to be rolled out in 2018'

    'Android Go to be rolled out in 2018'

    You can find out the type of flower by pointing at it, for example, or get reviews for a restaurant you're walking by. But along with these, smart text feature also makes Maps icon to pop which will show you the address directly.

    Blowback from Comey sacking hits Trump as White House tries to reset

    CNN said Comey is "not anxious about any tapes" Trump may have, citing an unnamed source familiar with the matter. There's one reason Trump might like the sound of FBI Director Cornyn: He's a Trump-Russia conspiracy skeptic.
  • Microsoft Criticizes Government Creation of Hacking Tools

    Asked what the company is doing to prevent such exploitations, he cited "basic IT security blocking and tackling". Microsoft noted the massive damage caused by the leaked cybersecurity vulnerabilities that governments held.

    BC Greens break through, capture three seats

    The NDP leads in one riding, Courtenay-Comox, by just nine votes over the Liberals. The Liberal leader also injected a note of humility on the drop in Liberal seats.

    Arsene Wenger: Arsenal's season far from a disaster

    Every morning I have my treatment for my Achilles and I know I need to do this to the end of my career. Mattias is ESPN FC's Arsenal correspondent.
  • Trump Says Joe Lieberman Leading Candidate for FBI Director

    Trump Says Joe Lieberman Leading Candidate for FBI Director

    Lieberman's past law enforcement experience would mainly come from his time as Connecticut Attorney General from 1983 to 1989. He later registered as an Independent, but he continued to serve with the Democratic caucus in the Senate.
    Instant Apps, Notification Dots and More Coming to Android Devices

    Instant Apps, Notification Dots and More Coming to Android Devices

    The blob-like emojis are popular nowadays and were first launched in Android 4.4 KitKat which are being modified over the years . Google also said that Android Pay is now available in 10 markets, and will soon add Brazil, Canada, Russia, Spain and Taiwan.

    Himes: Trump's tongue a security concern

    He has without question dealt another blow to USA credibility and made other nations justifiably wary of sharing what they know. McMaster, suggesting that it was a spontaneous move by the President and not a step he previously discussed with his advisers.
  • Warriors rout Spurs, take 2-0 series lead

    Warriors rout Spurs, take 2-0 series lead

    Kevin Durant added 16 points for the Warriors , who had assists on 30 of their first 38 baskets while building a huge lead. I don't think as a group they really did, which means probably a little bit feeling sorry for themselves psychologically.
    Governments to blame for cyberattack

    Governments to blame for cyberattack

    Well, you can still download the update and follow some basic safety measures to keep yourself away from such attacks. The spread of the virus slowed over the weekend but the respite might only be brief, experts have warned.

    Warren Buffett's one-word answer for why he hasn't purchased Amazon shares

    Buffett's longtime partner Charlie Munger said he'd rather own Berkshire shares, for his part. Buffett is the celebrity that everyone wants to get close to at the meeting.

We are pleased to provide this opportunity to share information, experiences and observations about what's in the news.
Some of the comments may be reprinted elsewhere in the site or in the newspaper.
Thank you for taking the time to offer your thoughts.