Mercredi, 18 Octobre 2017
Latest news
Main » Microsoft Slams Governments For Global 'WannaCrypt' Attacks

Microsoft Slams Governments For Global 'WannaCrypt' Attacks

17 Mai 2017

The attack, known as "WannaCry" had a major impact across Asia as workers there returned to work on Monday, with Chinese state media saying nearly 30,000 institutions there had been infected.

You may have heard: a globe-spanning ransomware attack known as WannaCry (and "WannaCrypt" and "WannaDecryptor") started on Friday, ultimately encompassing some 200,000 computers in 150 countries. However, the latter version is non-functional and seems to have been a test by someone who manually patched the binary to remove the kill switch, rather than recompiling it from its original source code.

Speaking on the origins of the malware, the expert said, "This NSA tool for government agencies is now out in the hands of blackhats who are misusing it to a more wider effect".

Analysts have noticed an uptick of ransomware attacks in recent years, with most predicting an even bigger increase in 2017. WannaCry shut down ATM machines across China and crippled hospitals in Great Britain.

Microsoft on Friday released a security update for Windows XP that fixes an SMB v1 hole that has been recently used to spread ransomware via phishing attacks.

Security minister Ben Wallace said that the NHS had followed "pretty good procedures" in dealing with the attack. Given the current regulatory environment, it's the responsibility of these companies themselves, with their enormous financial resources, to track down these gaps in the security of their products, paying to acquire information if necessary.

The software, which spreads among Windows computers, infects and then locks up individual machines, demanding a ransom to be paid in the electronic currency Bitcoin. Opposed to the regular ransomware that encrypts just the local machine it lands on, this type spreads throughout the organization's network from within, without having users open an email or malicious attachment.

But some security researchers said this has not been proven.

"NSA should be embarrassed - they've had a lot of damaging leaks", said James Lewis, a former USA official who is now a cyber expert at the Center for Strategic and International Studies.

The number of infections has fallen dramatically since Friday's peak when more than 9000 computers were being hit per hour.

WannaCry exploits a vulnerability in older versions of Windows, including Windows 7 and Windows XP. One month earlier, Microsoft had released a patch targeting the vulnerability.

Redmond, Wash. - In the wake of unprecedented worldwide cyberattacks, Microsoft has issued security updates for systems that haven't been supported in years. The agency got compromised somehow and a group called Shadow Brokers has been posting the exploits online. Last week, someone pulled the trigger.

Some organizations disconnect computers as a precautionary measure.

As of Monday afternoon, about $58,000 had accumulated in the accounts, according to the British cybersecurity firm Elliptic Enterprises Ltd.

The investigators were still trying to identify the hackers who initiated this. That may not be easy. Those people "are at risk - they're probably not getting updates", he said.

Abutbul told me, "The WannaCry/Wcry ransomware-the largest ransomware infection in history -is a next-gen ransomware".

If the criminals were smart, Heilman said, they'd have asked for payment in the form of gift cards from retail stores.

Bitcoin was not as anonymous as many thieves would like it to be, he said, because every transaction was publicly recorded in the blockchain. Auto maker Nissan, which saw its systems being impacted globally, said the Renault-Nissan alliance plant in Chennai came under attack but its India team has responded and there is no major impact on business.

Microsoft Slams Governments For Global 'WannaCrypt' Attacks