Sunday, 19 August 2018
Latest news
Main » New WannaCry variant being monitored, DHS official says

New WannaCry variant being monitored, DHS official says

16 May 2017

That's why it's called ransomware. Microsoft had issued a patch on March 14, but many computers hadn't run the update.

"It seems that a lot of internet security guys over the weekend did their homework and ran the security software updates", Jan Op Gen Oorth told AFP.

To begin with, the worm has been nearly too successful, having hit more than 200,000 victims - many times more than are usually caught out by ransomware aimed at large organisations.

Consumers are also at risk. Besides installing the updates, Microsoft also advises that the SMBv1 protocol is disabled, as it is an old protocol that has been superseded by newer versions.

Over the weekend, the ransomware hit systems in over 100 countries, including Russian Federation and the United Kingdom, in one of the most widespread cyber attacks in history. Several British hospitals were hit by cyber attacks on Friday, the country's health service said, forcing some to divert ambulances to other clinics and urge people not to try to contact their doctors. But U.K. hospitals, Chinese universities and global firms like Fedex also reported they had come under assault.

The effects were felt across the globe, with Russia's Interior Ministry and companies including Spain's Telefonica, FedEx the US and French carmaker Renault all reporting disruptions.

More news: It's far from case closed on Trump, Russia

"Using outdated versions of Windows that are no longer supported raises a lot of questions", said Christopher Dore, a lawyer specializing in digital privacy law at Edelson PC.

Experts added that small and medium-sized firms which still use older editions of Microsoft Windows systems, such as Windows XP, are more vulnerable to ransomware attacks.

DHS said its guidance for how to avoid ransomware attacks remains the same. The attack crippled more than 200,000 computers around the world. Organisations seeking to take risk management steps related to this campaign should install the latest Windows patches.

Back up your computer and store the safety version in the cloud or on a drive that is not connected to your computer.

In 2016, Motherboard reported hospitals across the United Kingdom run old, outdated Windows systems - legacy technology that no longer receives updates.

The difference between the earlier WannaCry attacks and the latest one is a worm-like component that infects other computers by exploiting a critical remote code execution vulnerability in the Windows implementation of the Server Message Block 1.0 (SMBv1) protocol.

More news: Trump tweets 'best thing' would be to cancel future press briefings

"It's very important everyone understands that all they (the hackers) need to do is change some code and start again".

Darien Huss, a 28-year-old research engineer who helped stop the malware's spread, said he was "still anxious for what's to come in the next few days, because it really would not be so hard for the actors behind this to re-release their code without a kill switch or with a better kill switch".

Other researchers have noticed some other aspects of the malware that suggest it might be the work of a new group.

Cybersecurity experts say the unknown hackers who launched this weekend's "ransomware" attacks used a vulnerability that was exposed in NSA documents leaked online.

Security researcher Matt Suiche - who analyzed the sample - noted that the archive through which the ransomware arrives on infected computers is corrupted, meaning it's not suitable for infecting users because it triggers various decompression errors. And WannaCry threatens to create even more havoc on Monday when people return to work.

"In many companies there's been an increase in investment in IT but not in the security that sits around it, so this investment is likely to play a bit of catch-up", said Lord, who spent 21 years at United Kingdom government intelligence service GCHQ.

More news: Scotland wants to be member of EU: Sturgeon