"Brad Smith, Microsoft's chief counsel, said Sunday in a company blog post that by keeping software vulnerabilities secret from vendors, governments open up users to attacks like Friday's WannaCry - or WannaCrypt/WanaCrypt - hack in which malware locked down computers worldwide while demanding hefty sums for freedom".
(AP Photo/Lee Jin-man). A customer walks by the notice about "ransomware" at CGV theater in Seoul, South Korea, Monday, May 15, 2017.
Companies are often slow to apply these fixes, called patches, because of worries that any software change could break some other program, possibly shutting down critical operations. While some firms have asked employees to temporarily suspend work for a few hours, some others have declared holiday for two days, while their respective technical teams upgrade their security systems, to prevent a potential Wanna decryptor attack, said a report by a leading English news portal.
WannaCry developers have prepared a Q&A section in various languages, offering infected users localised instructions on how to recover data and how to pay the ransom.
"This is turning into the biggest cybersecurity incident I've ever seen", United Kingdom -based security architect Kevin Beaumont said. Usually used by cyber criminals, ransomware is a popular means of making illicit money from victims who have to pay the criminals in order to have their data decrypted. According to a Twitter account that monitors those accounts, they've received only about 250 payments worth a total of slightly more than $72,000.More news: Big banks fume over hefty new Australia levy
In this case, he said, the NSA apparently handed the WannaCry makers a blueprint - pre-written code for exploiting the flaw, allowing the attackers to essentially cut and paste that code into their own malware. Download the latest security and anti-malware software right here on FileHippo - all for free.
U.S. Treasury Secretary Steven Mnuchin, at a meeting of world leaders in Italy, said the attack was a reminder of the importance of cybersecurity.
While these are the numbers that have been revealed, cyber security experts fear that several companies might not even be reporting getting hit by the cyber attack in fear of losing face.
After an emergency government meeting Saturday in London, Britain's home secretary said one in five of 248 National Health Service groups had been hit.
In the wake of the ransomware attack triggered by WannaCry virus, IT firms in Bengaluru are racing against time to updating their security systems. Russian Interior Ministry, which runs the national police, said the problem had been "localized" with no information compromised.More news: State Department Summons Turkish Ambassador After Bloody Brawl in DC
The group provided no proof that it holds the data it claims, and it's possible that it is lying.
On Sunday, MalwareTech was one of many security experts warning thata less-vulnerable version of the malware is likely to be released.
When Microsoft sells software it does so through a licensing agreement that states the company is not liable for any security breaches, said Michael Scott, a professor at Southwestern Law School. The exploit was leaked last month as part of a trove of NSA spy tools.
But there will be other vulnerabilities to come, and not all of them will have fixes for older systems.More news: Kulbhushan Jadhav case: Five reasons why ICJ ordered Pakistan to stop execution
- Comey Hid Among White House Curtains to Avoid Trump
- Minister McHugh is backing Varadkar for leadership
- Kane scores 4 as EPL runner-up Tottenham routs Leicester 6-1
- FBI director candidates paraded past reporters
- 'Planned By AAP', Says Kapil Mishra On Being Attacked During Protest
- Trump open to engagement with North Korea under right conditions
- Congressman Calls For Trump's Impeachment During House Floor Speech
- Everybody has better healthcare than the USA , says Trump
- Intl. court asks Pakistan to stay execution of Indian 'spy'
- North Korea War a 'High Possibility,' South Korea's New President Says