Vendredi, 22 Juin 2018
Latest news
Main » Microsoft Releases Windows Ransomware Patch, Blasts NSA for Malware Stockpile

Microsoft Releases Windows Ransomware Patch, Blasts NSA for Malware Stockpile

17 Mai 2017

Britain's National Health Service (NHS), which reported some of the first infections on Friday, said most of its affected organizations were working normally and played down the possibility of another large-scale wave of attacks this week. Seven of the 47 affected trusts were still having IT problems Monday. Researchers recorded infections in tens of thousands of machines, and Europol estimated Sunday that the attack had spread to about 150 countries. In part, that's simply because of the logistical complications involved in paying ransom to unlock thousands of computers within the short time frame demanded by the hackers behind the WannaCry attack.

Jonathan Sander, chief technology officer for STEALTHbits Technologies, called WannaCry "a Frankenstein's monster of vulnerabilities with patches and exploits that were stolen from the NSA and published for all to see". (Bitcoin in a type of digital currency widely used online.) Victims have only hours to pay the ransom, which rises to $600 before the files are destroyed. "Software updates and security patches are pushed to us as needed so that we are using the most current approved versions of software on our computers".

In Japan, several large manufacturers have been hit, reporter John Matthews tells NPR: "Companies including Hitachi have reported several of their systems going down, including computers at a hospital in eastern Japan". Although a researcher discovered and activated a kill switch in the original software, new versions lacking that safeguard have already been released.

Qihoo 360, one of China's leading suppliers of anti-virus software, had said Sunday that at least 29,372 institutions ranging from government offices to ATMs and hospitals had been "infected", singling out universities as particularly hard-hit.

Vernick said businesses that failed to update their software could face scrutiny from the U.S. Federal Trade Commission, which has previously sued companies for misrepresenting their data privacy measures. Over the weekend the company took the unusual step of releasing a similar patch for Windows XP, which the company announced in 2014 it would no longer support.

"You can point a lot of fingers, but I think given that this was not a zero-day vulnerability (for which no patch is available), the people hacked are to blame", said Robert Cattanach, a partner at the global law firm Dorsey & Whitney and an expert on cybersecurity and data breaches. The tool is called WCRYSLAP and can be found here.

But, if you suspect that your computer is infected with a malware, do not open any files. Shutting down a network can prevent the continued encryption - and possible loss - of more files. "It takes time to upgrade all systems in an organization and train end users on the new features and functionality".

First, make sure you have the latest software. Microsoft also recommends running its free anti-virus software for Windows.

You should make multiple backups - to cloud services and using physical disk drives, at regular and frequent intervals.

WannaCry harks back to an earlier era of computing insecurity, when viruses routinely swept across the internet, causing widespread disruption and spurring desperate fixes that befit their often ominous names: Mydoom, BadTrans, Sobig, Netsky.

Finally, always stay alert.

"Whether or not you think the US government should be spending a fortune developing such cyberweapons, surely it is obvious that the weapons they develop should be properly secured".

Heather Kelly contributed reporting.

Microsoft Releases Windows Ransomware Patch, Blasts NSA for Malware Stockpile