Jeudi, 22 Juin 2017
Latest news
Main » WannaCry Ransomware: Microsoft Calls Out NSA For 'Stockpiling' Vulnerabilities

WannaCry Ransomware: Microsoft Calls Out NSA For 'Stockpiling' Vulnerabilities

16 Mai 2017

Once Microsoft released the patch for the vulnerability - exploited by hacker group "Shadow Brokers" after stealing a software from the US National Security Agency (NSA) - some Window XP users installed the update called "Microsoft Security Bulletin MS17-010" on their desktops and laptops.

MalwareTech said in a in a blog post Saturday that he had returned from lunch with a friend on Friday and learned that networks across Britain's health system had been hit by ransomware, tipping him off that "this was something big". And would there be a second round of attacks elsewhere?

Two security firms - Kaspersky Lab and Avast - said they had identified the malicious software behind the attack in upward of 70 countries, although both said the attack has hit Russian Federation hardest.

"The problem is the larger organizations are still running on old, no longer supported operating systems", said Lawrence Abrams, a New York-based blogger who runs BleepingComputer.com.

Aatish Pattni from cyber security firm Check Point, said the version of Wanna Decryptor used in the attack was a new piece of malware.

He tweeted on Monday: "For the record I don't "fear for my safety", I'm just unhappy with trying to help clear up Friday's mess with the doorbell going constantly". "We haven't seen anything like this since Conficker in 2008", Amit Nath, Head of Asia Pacific-Corporate Business at cyber security firm F-Secure Corporation, told IANS.

Almost 50 NHS trusts were affected by the "WannaCry" ransomware attacks at the weekend where data was stolen and locked down, and computer users were told to pay money in return for their files.

"Well, that's the concern", he said. "They're processing a lot of sensitive data", he said.

Ms Rudd said the National Crime Agency (NCA) and the National Cyber Security Centre (NCSC) were now part of an "international manhunt" to find the perpetrators.

Generally a popup will appear if there is an update available but you can also force the computer to check for updates.

However, that single case might be optimistic, with reports today (15 May) of incidents discovered in three separate hospitals in Ireland.

Speaking to ITV's Peston on Sunday, Europol director Rob Wainwright said the attack was indiscriminate across the private and public sectors.

"IT managers need to be extremely aware that new variants of this ransomware attack are being launched nearly hourly, so they can't just check that their computer systems are protected, then relax, assuming everything will stay that way", he said.

England's National Health Service said 47 organisations providing care had been hit and on Sunday afternoon seven hospitals were continuing to divert patients from the emergency room. The trust, along with York Teaching Hospital NHS Trust, said that most surgery and outpatients appointments would go ahead, and that patients whose appointments had been cancelled would be notified.

French carmaker Renault was forced to stop production at sites in France, Slovenia and Romania, while FedEx said it was "implementing remediation steps as quickly as possible".

China's People's Daily reported that one student, identified only by the surname Tang, said his computer was hit on Friday night and that the ransom note was in several languages, including Chinese, Korean, Japanese and English. Copycat attacks could follow.

Microsoft's top lawyer, Brad Smith, had criticized the USA intelligence services for "hoarding" vulnerabilities in its operating system and urged authorities to report security problems to IT firms "rather than stockpile, sell, or exploit them".

WannaCry Ransomware: Microsoft Calls Out NSA For 'Stockpiling' Vulnerabilities