Jeudi, 25 Mai 2017
Latest news
Main » Chinese media blame the United States of America for WannaCry ransomware cyber-attack

Chinese media blame the United States of America for WannaCry ransomware cyber-attack

19 Mai 2017

A global cyber attack which hit the NHS in the United Kingdom and millions of other organisations and users worldwide last week has shown just how easy it is for hackers to cause havoc if digital security is not taken seriously.

Corporates are internally trying to resolve it through their IT team and those who have not got any back up of their data are resorting to paying the ransom through bitcoin. The hackers responsible are demanding that the computer-owners pay them money to release their data.

The attack started Friday and affected thousands of computers, hitting more than 150 countries by Monday. So even if the recent ransomware attack acts as a necessary wake-up call, there's still a perceived safety net.

Nemeroff cited how 85 percent of companies haven't yet upgraded to the latest Windows 10 operating system, according to Credit Suisse's corporate survey.

WannaCry attacked computers that were connected to the Internet and used Windows operating systems. Now, the hackers have updated the ransomware to include no kill switch. Its failure to give older versions the same protection found on Windows 10 - covering the security gap found and exploited but kept secret by the NSA - left millions of users vulnerable.

"Clearly having the vulnerability be in Microsoft software was one of the key elements", said Steve Grobman, chief technology officer of McAfee, a security company in Santa Clara, California.

If your system is on the recent version of Windows and hasn't been attacked by WannaCry yet, then we urge you to update your system with the available security patch immediately.

Ellis favors a more transparent process for the government, and close cooperation with the cybersecurity community, which, like the British researcher lauded for helping stem the WannaCry attack, can offer tremendous knowledge and resources in the battle against cybercrime and national security threats, he said. A "critical" patch had been issued by Microsoft on March 14 to remove the underlying vulnerability for supported systems, almost two months before the attack, but many organizations had not yet applied it.

The attack, which targets vulnerabilities in Microsoft Corp MSFT.O systems, did indeed use a tool built by the NSA which leaked online in April, according to Microsoft.

"It is important to understand that the way these attacks work means that compromises of machines and networks that have already occurred may not yet have been detected", Britain's National Cyber Security Center (NCSC) said in a statement. Software manufacturers often provide updates or patches to their products after they discover such a flaw, to prevent cyber-criminals from exploiting it.