Tuesday, 22 May 2018
Latest news
Main » Second wave of ransomware attack targeting out-of-date Windows machines under way

Second wave of ransomware attack targeting out-of-date Windows machines under way

20 May 2017

The reports came swiftly on Friday morning, May 12-the first I saw were that dozens of hospitals in England were affected by ransomware, denying physicians access to patient medical records and causing surgery and other treatments to be delayed. The WannaCry hack threatens to delete users' encrypted files in a week if a ransom of $300 isn't met - doubled if the payment isn't made in within three days. "However, Hitachi and others have mostly only reported loss of email and other secondary functionalities".

Backing up data, Symantec adds, "is the single most effect way of combating ransomware infection". What was going on? Rather, once one Windows system was affected on a Windows network, WannaCry managed to propagate itself and infect other unpatched machines without any human interaction.

The massive ransomware campaign specifically targeted the healthcare industry. But it will improve intelligence services' accountability and, at the very least, force them to take better care of any dark stuff that comes into their hands. If these companies are found guilty of being negligent on their security updates, they could be in a lot of trouble.

They are having more luck dissecting flaws that limited its spread.

This is obvious, given that WannaCry is nothing new, thematically.

More news: Ex-US Rep. Anthony Weiner to plead guilty in sexting case

"Some organisations just aren't aware of the risks; some don't want to risk interrupting important business processes; sometimes they are short-staffed", said Ziv Mador, vice president of security research at Trustwave's Israeli SpiderLabs unit, speaking to Reuters.

When you're using public WiFi networks, make sure you tell your system that you're on a public network (many will ask if it's a public or home computer.) That tells your operating system that it's functioning in a potentially threat-filled environment and it will close off some of its more vulnerable software ports to the outside. The overall cost of dealing with WannaCry is estimated to be well above $100 million for the United Kingdom alone.

"There are plenty of reasons people wait to patch and none of them are good", said Mador, a former long-time security researcher for Microsoft.

He highlighted that the government had invested £50 million in supporting NHS IT networks during its last strategic defense and security review, and insisted that individual trusts were well-equipped to ensure they could protect themselves against cyber-attack.

An information disclosure vulnerability exists in the way that the Microsoft Server Message Block 1.0 (SMBv1) server handles certain requests. But no system is foolproof, and even more importantly, their practice of stockpiling vulnerability is a questionable NSA practice that directly enabled this attack.

More news: Marcus: Why didn't Trump want anyone to hear his conversation with Comey?

Windows XP remains one of the most widely used operating systems in the world.

Windows users should update their software to avoid the ransomware, security experts say. Those who hadn't installed those patches before the "WannaCry" outbreak now have another reminder of how crucial it is to stay up-to-date.

However, Microsoft stopped routinely updating XP in 2014, and those still using it have to pay for custom support to receive any further patches. "Javelin specifically focuses on the malicious lateral movement in its early phases and has the ability to stop every spread attempt regardless of methodology and help the organization recover automatically".

Keep security software up to date. That means those customers will not have received the above mentioned Security Update released in March.

More news: Russian billionaire makes bid to buy Arsenal