Lundi, 19 Novembre 2018
Latest news
Main » Important Steps to Prepare for the WannaCry Ransomware Attack

Important Steps to Prepare for the WannaCry Ransomware Attack

18 Mai 2017

Bossert said he expected the number of people affected would rise as more workers logged into their work computers on Monday.

This isn't the first time USA spy agencies have been accused of knowing about vulnerabilities and keeping them secret.

On affected computers, the WannaCry software encrypts files and displays a ransom message demanding $300 in bitcoin.

"This attack provides yet another example of why the stockpiling of vulnerabilities by governments is such a problem", says Microsoft President Brad Smith.

The country's love of pirated software also played a big role in its vulnerability. In March, thousands of leaked Central Intelligence Agency documents exposed vulnerabilities in smartphones, televisions and software built by Apple, Google and Samsung Electronics.

Alex Abdo, a staff attorney at the Knight First Amendment Institute at Columbia University, said Microsoft and other software companies have strategically settled lawsuits that could lead to court rulings weakening their licensing agreements.

It's hard to blame Microsoft, Litan said, since it issued fixes and generally did what it should. He noted, however, the complexity that can be involved in patching a security hole.

He pointed out, "There is simply no way for customers to protect themselves against threats unless they update their systems" given the fact that cybercriminals are becoming more sophisticated.

Alexander was asked how much responsibility the NSA bears for the WannaCrypt virus - given reports have indicated the virus utilizes an exploit that was stolen from the NSA.

Dore said companies that faced disruptions because they did not run the Microsoft update or because they were using older versions of Windows could face lawsuits if they publicly touted their cyber security.

"While they don't seem to have the most fantastic PR department", he said, "they've already proved that they had some pretty serious access". A month before the ShadowBrokers released the EternalBlue vulnerability, Microsoft issued a patch for it, but that didn't stop the ransomware's spread. That could saddle the company with the XP albatross for many years past when it hoped to be free from having to maintain the software.

"There is no major impact in India unlike other countries".

None of the firms targeted indicated whether they had paid or would pay the hackers ransom. Large companies and government agencies, including Megafon, the second biggest mobile provider in Russian Federation, global shipping company Fedex, and the National Health Service, Britain's national healthcare administration, were among the more high-profile victims of the attack, dubbed "WannaCry", on Friday.

A group that took credit for leaking NSA cyber spying tools - including ones used in the WannaCry global ransomware attack - has said it plans to sell code that can be used to hack into the world's most used computers, software and phones. Others subsequently confirmed the Google researcher's work.

There were 213,000 infected machines in 112 countries on Monday morning (local time), according to Czech security firm Avast, making it one of the largest coordinated attacks to hit computers across the world.

Authorities in Europe and the United States turned their attention to preventing hackers from spreading new versions of the virus. "To keep the world safe these things have to be done".

Avivah Litan, a cybersecurity analyst at Gartner, agreed that the government is "is negligent not doing a better job protecting companies", but added that it's not like "you can stop the US government from developing cybertools" that then work as intended. "Occasionally mistakes happen", he added.

Important Steps to Prepare for the WannaCry Ransomware Attack