Wednesday, 20 September 2017
Latest news
Main » 'WannaCry' Ransomware Attack Reveals Government Possession of Attack Tools

'WannaCry' Ransomware Attack Reveals Government Possession of Attack Tools

20 May 2017

"The recent global ransomware attack exploiting a flaw in Windows, while serious, not only demonstrates the continued ubiquity of Microsoft, but also highlights that numerous affected enterprises or entities that are still using older, and now unsupported, versions of Windows need to accelerate their plans to upgrade to Windows 10", analyst Michael Nemeroff wrote in a note to clients Monday entitled "If you're not current, you're toast". The sudden outbreak of "WannaCry Ransomware" is a new variant that spreads through email attachment and links.

They advised those whose networks have been effectively shut down by the ransomware attack not to make the payment demanded - the equivalent of $300, paid in the digital currency bitcoin, delivered to a likely untraceable destination that consists merely of a lengthy string of letters and numbers.

The security firm Kaspersky Lab, based in Russian Federation, noted that Microsoft had repaired the software problem that allows backdoor entry into its operating systems weeks before hackers published the exploit linked to the NSA, but also said: "Unfortunately it appears that many users have not yet installed the patch".

Computer security experts have assured individual computer users who have kept their PC operating systems updated that they are relatively safe.

Malware attack leveraged NSA tool that leaked online, says Microsoft.

More news: Benches clear in Giants-Dodgers series finale

The "WannaCrypt" cyber-attack (from the software's name Wanna Decryptor, and also known as WannaCry) is estimated to have hit some 200,000 organisations in at least 150 countries. Using an operating system after its expiration date is unwise, but in fairness to the millions of people around the world still using old versions of Windows, expecting consumers to regularly buy expensive software of uncertain quality is unwise too.

The tools behind the attack originated within the NSA. But in this case, according to Kaspersky Lab, the shared code was removed from the versions of WannaCry that are now circulating, which reduces the likelihood of such a "false flag" attempt at misdirection. When this happens, you can't get to the data unless you pay a ransom.

The good news is that Javelin's software was able to prevent the spread of WannaCry on their customers' computers, right out of the gate, explained Abutbul. The best course of action is to contact an IT or Cyber Security professional to assist you in analyzing and minimizing the attack. This malware was used to launch the WannaCry ransomware attack on May 12.

FedEx, French automaker Renault and Spanish telecommunications firm Telefonica are among those attacked.

Britain's National Health Services first sounded the ransomware alarm Friday. It can't be overstated that the choice to let older versions of Windows lapse into a condition of permanent insecurity is as much a business strategy as an engineering decision, and one that leaves Microsoft customers in the lurch when something like WannaCry breaks loose.

More news: Singapore Airlines to re-integrate SIA Cargo division

But per Microsoft's point, things aren't going according to plan recently, and our nation's secret keepers have been having a lot of trouble keeping their computer weapons away from the likes of the Shadow Brokers and Wikileaks.

Affected Windows systems include everything from Windows Vista, Windows Server 2008, Windows 7, Windows 8.x, Windows Server 2012, Windows 10 and Windows Server 2016. Several security holes are fixed before they can be exploited.

Microsoft is pointing its finger at the US Government, while many experts say the software giant is also accountable.

Smith says cyberweapons require a new approach, and governments must "consider the damage to civilians that comes from hoarding these vulnerabilities and the use of these exploits".

More news: USA summons Turkey envoy for embassy brawl