Thursday, 21 September 2017

Microsoft's free custom support could have stopped 'WannaCrypt'

19 May 2017

The malware has spread at a whopping pace, reaching countries worldwide, with evidence of the malicious software found in more than 150 countries.

WannaCry, aka WannaCrypt, WannaDecryptor 2.0, and various other names, probably used classic phishing to get into the first machines it contaminated. Malware of this sort extorts money from victims by locking away files and personal data.

The locking or kidnapping process generally relies on frighteningly complex cryptography. The virus can read and encrypt 160 different file types. The attack has existed undetected so far due to the stealthy nature of the malware, with the only symptoms being slow or sluggish performance and the disabling of some sharing functionalities on Windows.

What can businesses and individuals do to protect themselves from ransomware?

Typical ransomware also generates a unique bitcoin account for each payment to make tracing hard.

Digital currencies like Bitcoin or Monero can be "mined" by making computers crack increasingly hard mathematical equations to create what's known as a "hash". Such a currency is not owned by anybody, it's decentralized and there's no central bank. In the last few paragraphs, the article discussed in depth how a bitcoin startup is untangling startups using the public blockchain to trace bitcoin payments of the accounts of the criminals.

Ransomware is now at epidemic proportions. If one employee's machine lacks the latest security software, it can infect other machines across the company network.

Because of the way WannaCry spreads sneakily inside organization networks, a far larger total of ransomed computers sitting behind company firewalls may be hit, possibly numbering upward of a million machines. Last week, it was set free into cyberspace to infect all the non-protected, non-updated, XP-operating computers around the world, which we now know included a considerable number of institutional and private systems.

According to reports by Proofpoint, the attack secured the same hacking tools as WannaCry which was developed by the US National Security Agency. But word got out when a hacker group known as the Shadow Brokers dumped a bunch of leaked NSA information onto the Internet in April. It then published the exploit online. Remember, Microsoft had stopped supporting these versions of Windows, but it has issued a rare security patch to fight against the WannaCry ransomware attack. If you're still running Windows XP, stop it. However, for computer users with Windows XP, there was no patch because Microsoft had ended support for that OS in 2014.

According to the company, "customers who are running supported versions of the operating system (Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows 8.1, Windows Server 2012, Windows 10, Windows Server 2012 R2, Windows Server 2016) will have received the security update MS17-010 in March". Microsoft has been very critical of the NSA stockpiling of exploits. Now some are blaming Microsoft for this ransomware attack, and for not following up on security measures. "Because, at the end of the day, the person who stands to lose the most is you".

Should I pay the ransom? Otherwise, without advancing end-user knowledge, it is highly unlikely that security levels will improve.

Once established, WannaCry encrypted computer files and displayed a message demanding $300 to $600 worth of the digital currency bitcoin to release them.

Ransomware, which is often transmitted by email or web pop-ups, involves locking up people's data and threatening to destroy it if a ransom is not paid.

From FedEx to Nissan to hospitals in the United Kingdom, hundreds of thousands of machines have been infected in more than 150 countries.

In the past, we have many times seen secret services asking companies to relax their encryption policies, to install a backdoor, or even to remove encryption entirely. If you suspect it's a bad link, ask them what it is and where it came from.
