WannaCry is your fault — Microsoft to NSA

Cyber-security firm Avast said it has detected 75,000 cases of "Ransomware" attack in 99 different countries. The sobering experience of WannaCry must at least cause them to prioritize patching in a way that until now they have not.

Ransomware is not a new invention. As it is, if they have a piece of malware, it's highly likely that even small-time criminals will have it, too. But the latest iterations have become increasingly sophisticated. "We need an agency that has the worldwide credibility not only to observe what's happening, but to call the question and even identify the attackers when nation-state attacks happen". It leveraged an exploit - a tool created to take advantage of a security hole - leaked in a batch of hacking tools believed to belong to the NSA.

WannaCry landed nine weeks after Microsoft's patch arrived. SMB networks are used in homes and businesses to transfer data between trusted computers.

"Malware that penetrates the perimeter and then spreads inside the network tends to be quite successful", said Johannes Ullrich, director of the Internet Storm Center at the SANS Institute.

A free tool called Wannakey can allow users to decrypt the files on some computers that have fallen victim to the WannaCry ransomware.

Computers in 150 countries have been affected. "Russian Federation has got absolutely nothing to do with it", Mr Putin said. Payment is demanded within three days or the price is doubled, and if none is received within seven days the locked files will be deleted, according to the screen message.

WannaCry's worm-like capacity to infect other computers on the same network with no human intervention appear tailored to Windows 7, said Paul Pratley, head of investigations & incident response at United Kingdom consulting firm MWR InfoSecurity.

FedEx, French automaker Renault and Spanish telecommunications firm Telefonica are among those attacked.

“Time will tell how quickly people are going to patch their systems.” If the answer is "not fast enough", what started off as a modest crippling of global Windows-based system, could become a full-blown global paralysis.

Nonetheless, in our own national chapter of this global drama, the NHS and the British government deserve to be shamed. On Friday, it reported 16 computer networks were shut down.

Cavs send Celtics to record loss, 130-86, lead series 2-0
Mighty as they've been in the playoffs, the Cavs were mildly disrespected by the team Boston beat to reach the East finals. The final shot of the first half was indicative of how the game played out. "Cleveland didn't want to see us.


Is the threat still out there?

Some of those who have paid the WannaCry ransom have regained control of their computers, security researchers say. The domain is believed to be a defense against sandboxing, the act of isolating software to research it. The researcher registered the name, and at that point the malware infection slowed. "We have been updating our whole security measures since March itself, software has been installed". For the most part, users on Windows XP, Windows 8, and Server 2003 were not provided a fix.

Unfortunately, not everyone can update their versions of Windows. That means that there's no effective kill switch. You may lose some data, but it's a lot better than losing access to all of your files.

Are there potential cyber-attacks that can affect the Linux operating system?

Over the weekend the company took the unusual step of releasing a similar patch for Windows XP, which the company announced in 2014 it would no longer support.

Always practice net safety.

Do you have to open an email attachment to be infected?

Some web browsers will alert you if a site appears to be suspicious.

Want to keep your computers safe?

Anyway, download this patch from Microsoft and install it.

In his blog post, Microsoft's Smith says that "the governments of the world should treat this attack as a wake-up call".

Microsoft President Brad Smith wrote on Sunday - "This attack provides yet another example of why the stockpiling of vulnerabilities by governments is such a problem". "We need a convention that will call on the world's governments to pledge that they will not engage in cyberattacks on the private sector, that they will not target civilian infrastructure, whether it's of the electrical or the economic or the political variety".

Latest News