Losses from WannaCry will also be limited as the ransomware is largely hitting organizations in Europe and Asia where fewer companies buy cyber insurance, although more companies outside the USA are buying the coverage, he said.
Microsoft is unlikely to face legal trouble over the ransomware attack, according to legal experts.
Ransomware is on the rise, with companies big and small falling victim, as well as public sector organisations and individuals all falling victim to ransomware attacks over the past 12 months. In its ransom note, which supports 27 languages, it initially demands US$300 worth of Bitcoins from its victims-an amount that increases incrementally after a certain time limit.
Three variants of the ransomware have been detected.
The ransomware used in the hack exploited a vulnerability purportedly from NSA called EternalBlue, according to cyber security experts.
Microsoft patched this hole in March for modern versions of Windows. Consequently, there is no way for the hackers to actually know who has paid and who hasn't. Data security policies and procedures should be reviewed and revised in light of the vulnerabilities identified by the WannaCry ransomware.
The Financial Conduct Authority (FCA), the UK National Cyber Security Centre and the Federal Bureau of Investigation have all noted that many cyber-attacks are not necessarily sophisticated. "Attribution can be hard here". But it's still slow: From the time an update is released, it takes an average of 24 days before half of the computers belonging to software engineers are updated.
Smith said the malicious WannaCrypt software "were drawn from the exploits stolen from the National Security Agency". "That theft was publicly reported earlier this year". The NSA did not immediately return a request for comment. In a way, the purported NSA tools were the precursor to the damaging virus.
Microsoft has come out in defence of its role in Friday's on-going global cyber-attack, criticising the role of the US National Security Agency in creating tools that were subsequently leaked and then used in Friday's attacks. Two former intelligence officials and a retired Navy admiral told the Senate committee on Thursday that the US lacks first responders for cyber attacks. "The governments of the world should treat this attack as a wake-up call".
That malware also is believed to have been captured by hackers. During the weekend, Microsoft called out the NSA for researching and hiding vulnerabilities, comparing this incident to theft of a US missile.
The agency is regarded as having among the world's most advanced cyber intrusion capabilities. Patching is critical for defending against attacks that exploit security flaws.More news: Chelsea Manning released from prison
"This vulnerability stolen from the NSA has affected customers around the world".
"Repeatedly, exploits in the hands of governments have leaked into the public domain and caused widespread damage", Smith wrote in a blog post.
The company fixed the problem with a software patch in March, but users who failed to upgrade their OS remained vulnerable.
The WannaCry attack is a wake-up call on the use of software vulnerabilities by governments, Smith said, adding that he favors creating an worldwide "Digital Geneva Convention" to regulate the use of software vulnerabilities. Telefonica's head of cyber-security Chema Alonso - himself a former hacker - said the infected equipment was "under control and being reinstalled".
Expect to hear a lot about Google's artificial intelligence strategy this week.
Bossert, the White House homeland security adviser, defended the government's handling of known security vulnerabilities. The attack's spread demonstrates how hundreds of thousands of computers in more than 150 countries are running outdated software that leaves them vulnerable.
I know this all sounds politically impossible right now, but we simply cannot live in a future where everything - from the things we own to our nation's infrastructure - can be held for ransom by criminals again and again. "RBI has asked banks to update specific Windows patches on ATMs urgently and not to operate ATM machines unless updates are in place", an official with RBI said. If you are running Windows 10, your computer won't be affected.
WannaCry is a type of ransomware computer worm.
All people had to do to stay safe from WannaCry was update their software.
He went on, though, to emphasize that the attack had demonstrated the "degree to which cybersecurity has become a shared responsibility between tech companies and customers", the latter of whom must update their systems if they want to be protected.