So, when the architect sends out a notice of a security weakness and how to fix it in versions 2 and 3, bad people can take that fix and figure out how it might apply to a version 1 castle, and the security fix becomes an attack blueprint for version 1 castles.
The hacking group that helped enable last week's global ransomware attack is threatening to make public even more computer vulnerabilities in the coming weeks - including "compromised network data" pertaining to the nuclear missile programs of China, Iran, Russia and North Korea, as well as secret exploits affecting Windows 10, which is run by millions of computers around the world. Around 200,000 victims in 150 countries have been affected, according to European Union police force Europol, many of them businesses including major corporations such as Nissan, FedEx and Hitachi.
Want to keep your computers safe?
Here's what we now know about the ransomware known as WannaCry, which locked up digital photos, documents and other files to hold them for ransom. WannaCry affected Windows versions as far back as XP, a version that Microsoft no longer supports.
The software tools to create the attack were revealed in April among a trove of NSA spy tools that were either leaked or stolen. Sometimes it uses different names like WannaCrypt, WannaCry, WanaCrypt0r, WCrypt and WCRY, to name a few. This allowed whoever wrote WannaCry - it could be anyone from a lone individual to an organized crime syndicate - to use it to infect computers and extort users.
According to reports, when the WannaCry ransomware started spreading, many infected devices were running "end-of-life" versions of Windows, including Windows XP. In Australia, Cyber Security Minister Dan Tehan warned that there will always be threats of cyber attacks despite measures to intensify the country's cyber security. Interestingly, the company had rolled out updates to "Patch the Ransomware Vulnerability" for Windows 7, 8.1, Vista SP2 and Windows 10 earlier this year on March 14, but only released "Security Update KB401258" to address the issue for less-popular Windows Server editions, including Windows 8, Vista, XP platforms on Friday. Anyone who regularly deals with public services in person will probably have seen government employees struggling with outdated computer systems. To regain network access in these cases, the computer user would need to secure their computer by following online instructions or by contacting the IT staff in their department.
Terming such cyber-attacks as a shared responsibility between tech companies and customers, the tech giant said, so many computers remained vulnerable even two months after the release of a patch.
It was widely speculated that ATM machines running on legacy operating systems would be the next target. But successive generations of the operating system have been found wanting. The Reserve Bank of India, however, said a Windows security update could prevent and protect the institutions from any breaches.
The exploit, known as "EternalBlue" or "MS17-010", took advantage of a vulnerability in the Microsoft software that reportedly had been discovered and developed by the U.S. National Security Agency, which used it for surveillance activities. WannaCry is believed to be using the same software. The worm, WannaDecrypter, infamous as WannaCry is rumoured to have been used by US National Security Agency and is not complex or sophisticated in itself.
- Trump to head overseas without announcing new FBI director
- WannaCry Ransomware Attack Could Spark Lawsuits - But Not Against Microsoft
- Wenger's future at Arsenal will be decided after FA Cup final
- Microsoft Charged for 'WannaCry' Patch
- The Pittsburgh Penguins have to be better in Game 7
- Frenchman claims cure for WannaCry-infected computers
- Selena Gomez has popped out her new single 'Bad Liar'
- Trump flies off on first foreign trip
- Cleveland Cavaliers 130-86 Boston Celtics
- Classic Empire: Preakness Stakes Contenders