"Brad Smith, Microsoft's chief counsel, said Sunday in a company blog post that by keeping software vulnerabilities secret from vendors, governments open up users to attacks like Friday's WannaCry - or WannaCrypt/WanaCrypt - hack in which malware locked down computers worldwide while demanding hefty sums for freedom".
(AP Photo/Lee Jin-man). A customer walks by the notice about "ransomware" at CGV theater in Seoul, South Korea, Monday, May 15, 2017.
Companies are often slow to apply these fixes, called patches, because of worries that any software change could break some other program, possibly shutting down critical operations. While some firms have asked employees to temporarily suspend work for a few hours, some others have declared holiday for two days, while their respective technical teams upgrade their security systems, to prevent a potential Wanna decryptor attack, said a report by a leading English news portal.
WannaCry developers have prepared a Q&A section in various languages, offering infected users localised instructions on how to recover data and how to pay the ransom.
"This is turning into the biggest cybersecurity incident I've ever seen", United Kingdom -based security architect Kevin Beaumont said. Usually used by cyber criminals, ransomware is a popular means of making illicit money from victims who have to pay the criminals in order to have their data decrypted. According to a Twitter account that monitors those accounts, they've received only about 250 payments worth a total of slightly more than $72,000.More news: Congressman Calls For Trump's Impeachment During House Floor Speech
In this case, he said, the NSA apparently handed the WannaCry makers a blueprint - pre-written code for exploiting the flaw, allowing the attackers to essentially cut and paste that code into their own malware. Download the latest security and anti-malware software right here on FileHippo - all for free.
U.S. Treasury Secretary Steven Mnuchin, at a meeting of world leaders in Italy, said the attack was a reminder of the importance of cybersecurity.
While these are the numbers that have been revealed, cyber security experts fear that several companies might not even be reporting getting hit by the cyber attack in fear of losing face.
After an emergency government meeting Saturday in London, Britain's home secretary said one in five of 248 National Health Service groups had been hit.
In the wake of the ransomware attack triggered by WannaCry virus, IT firms in Bengaluru are racing against time to updating their security systems. Russian Interior Ministry, which runs the national police, said the problem had been "localized" with no information compromised.More news: North Korea War a 'High Possibility,' South Korea's New President Says
The group provided no proof that it holds the data it claims, and it's possible that it is lying.
On Sunday, MalwareTech was one of many security experts warning thata less-vulnerable version of the malware is likely to be released.
When Microsoft sells software it does so through a licensing agreement that states the company is not liable for any security breaches, said Michael Scott, a professor at Southwestern Law School. The exploit was leaked last month as part of a trove of NSA spy tools.
But there will be other vulnerabilities to come, and not all of them will have fixes for older systems.More news: Green vote helped NDP more than Liberals, says UBC prof
- 'Planned By AAP', Says Kapil Mishra On Being Attacked During Protest
- Intelligence Trump leaked to Russians came from Israel
- Trusts told to remain vigilant with updated cyber-attack guidance
- Minister McHugh is backing Varadkar for leadership
- Turkey calls for ouster of United States envoy for anti-IS coalition
- Oppo A77 launched with 4GB RAM and 3200mAh Battery
- "I Will Not Resign, I Repeat, I Will Not Resign." - Brazilian President
- Comey Hid Among White House Curtains to Avoid Trump
- Kane scores 4 as EPL runner-up Tottenham routs Leicester 6-1
- WikiLeaks awaits UK decision on Assange's status