Ransomware outbreak prompts Microsoft to update old software

Share

The "WannaCry" malware attack highlights the tension between tech companies that want to know about security vulnerabilities to protect their customers, and the government's reliance on those flaws for counter-terrorism and law enforcement.

"The culprit was "#ransomware" known as WanaCryptOr 2.0, or WannaCry. Following this, it demands a ransom be paid in Bitcoin (virtual money) to let users access their data again. The WannaCry ransomware is able to spread throughout a computer system, searching for vulnerable devices to attack-users did not have click on a phishing e-mail to be victimized, according to security experts. You could say an attack of this nature has been coming, particularly when a 2016 study by ISP Beaming, suggested cyber-attacks were already costing British businesses around £34bn. Given that a week hasn't passed since the first reports of infections, it's possible there will be another surge of payments over the next week. But the latest iterations have become increasingly sophisticated.

The tools behind the attack originated within the NSA. The hacking tool at work was originally developed by the U.S. National Security Agency, before it leaked online earlier this year.

Crackers used the loophole present in Microsoft SMB Protocol to spread this program to other computers. You can also protect your system by installing updated anti-virus softwares which can detect if such virus is present in the mail. Globally, the attack appeared to be waning, after affecting more than 200,000 victims in at least 150 countries, many of them still struggling to deal with the problem. It appears the developers hoped their malware would go worldwide, as the ransom message had been translated into dozens of languages. However, global organisations such as Deutsche Bahn, FedEx, Renault and Telefonica were among others hit as WannaCry spread globally. Expect more of these improved knockoffs to show up very soon.

China's National Computer Network Emergency Response Center has confirmed that by 14 May, half of the infected IPs were located in China.

Patients wait at the registration desks at Dharmais Cancer Hospital in Jakarta, Indonesia, Monday, May 15, 2017. And two, as more people pay the ransom, this trend is more likely to grow.

Is the threat still out there? And since they're wireless by nature, phones get regular over-the-air security updates, even for old OS versions.

Microsoft has faced criticism since 2014 for withdrawing support for older versions of Windows software such as 16-year-old Windows XP and requiring users to pay hefty annual fees instead. Even though Microsoft no longer provides updates for Windows XP, it is still widely used in Europe and Asia.

More news: Lib Dem manifesto is a pitch to become the leading opposition party

It turns out the unregistered domain name was a "kill switch" embedded in the WannaCry code. However, a glitch in the installer means that the variant propagates, but doesn't install the part of the malware that locks the computer. Those include a known and highly unsafe security hole in Microsoft Windows, tardy users who didn't apply Microsoft's March software fix, and malware created to spread quickly once inside university, business and government networks.

As if anyone needed more reasons to remain on high alert, the group that was responsible for stealing information from a USA spy agency that enabled someone to create the "WannaCry" virus warned that they had obtained far more information that would point to similar vulnerabilities in other computing platforms.

Always practice net safety.

"All these things have led to the current situation that India is not at all the victim of the attack in the manner the other countries of the world are facing today", he added. Some web browsers will alert you if a site appears to be suspicious. Security patches would be available for clients with older machines, but only if they paid for custom support agreements. The Ransomeware is a type of malicious software which encrypts the data and blocks it from holder to use the data.

"The governments of the world should treat this attack as a wake-up call", Smith said.

Microsoft in a blog post said that, "we at Microsoft have the first responsibility to address these issues". "We need governments to consider the damage to civilians that comes from hoarding these vulnerabilities and the use of these exploits", he said.

Call it a "hack" or an "attack" or what you will, the WannaCry ransom ware issue that's hitting the news is something to keep up on.

Share