WannaCry Ransomware: Microsoft Calls Out NSA For 'Stockpiling' Vulnerabilities

Author

18 May, 2017

As a ransomware program, WannaCry itself is not that special or sophisticated.

"This number does not include infections inside corporate networks where a proxy server is required for connecting to the internet, meaning that the real number of victims might easily be larger", he said. The hacking tool spreads silently between computers, shutting them down by encrypting data and then demanding a ransom of $300 to unlock them.

Theft of the software was reported in April, when it was published by the Shadow Brokers, a group that has been linked to Russian Federation.

According to Kaspersky, there were around 500 new attempted WannaCry attacks sighted across Kaspersky Labs' customer base on Monday morning when organisations in Europe opened for business. Microsoft has tried to convince companies to stop using SMBv1 for some time, as it has other problems aside from this flaw.

Who are the attackers? "Even on Monday, application of patches continued", the official said, adding that they were following guidelines issued in Microsoft Security Bulletin MS 17-010.

After the WannaCry attack, Microsoft went out of its way to ensure the safety of users. The company rates the update as "critical" for supported Windows releases. Organizations still using any of the unsupported platforms will get regular security updates only if they pay enormous fees for "custom support". Windows 10, the latest version, was free for the first year to encourage users to upgrade.

You may want to consider turning on automatic updates from Microsoft Windows.

Chaffetz: I'm ready to subpoena for Comey memo
Chaffetz wrote, would "raise questions as to whether the president attempted to influence or impede" the F.B.I. Senate Minority Leader Chuck Schumer, meanwhile, said the country "is being tested in unprecedented ways".

Xiaomi bets big on Mi Homes for larger offline play
For those wanting a bit more oomph-factor from the phone can opt for the mid-range version with a 3GB RAM and 32GB storage. It runs Android 6.0 marshmallow-based MIUI 8, but the company has started testing the latest Nougat support.

Younis sign off quietly as Windies take control
There was more frustration for the bowler in his very next over as Asad Shafiq failed to hold on to a fierce square-cut from Hope. The Caribbean side trail Pakistan by 362 runs heading into the pivotal day three of the match.

"Really the lesson here is that for individuals, at least, if they didn't turn off the automatic update feature - so a Windows update in this case - they would've gotten the patch and they'd be fine", said Troy Hunt, a security trainer and a Microsoft regional director. Users of Windows 7, Windows 8.1 and Windows Vista can protect themselves by updating the software by running Windows Update on their computer. But the success of the attack shows that not enough people took advantage of the patch. He adds: "The Ransomware starts with an unsolicited email typically created to trick the victim into clicking on an attachment or visiting a webpage". Be wary of malicious email attachments and links. WannaCry appears to travel across corporate networks, spreading quickly through file-sharing systems.

However, it seems that those with Windows XP are most largely hit by the ransomware. But since newer variants of WannaCry are emerging rapidly, one or more of them could break past defenses.

An equally important thing is to back up all the important data on your computer. They are told that, if they don't pay a specific ransom amount by a given date, all the contents of their computer will be deleted.

He believes that state-sponsored cyberespionage groups could also take advantage of the SMB flaw to plant stealthy backdoors on computers while defenders are busy dealing with the much more visible ransomware attack. To get the decryption key, you must pay a ransom in the form of Bitcoin, which provides the threat actors some minor level of anonymity.

They exploited a ideal storm of factors - the Windows hole, the ability to get ransom paid in digital currency, poor security practices - but it's unclear if the payoff, at least so far, was worth the trouble.

Responding to the incident, the company's president and chief legal officer, Brad Smith, criticized the US government's weaponizing of computer vulnerabilities, the leak of which enabled this attack, and the dangers of not informing tech companies about them.


More news


  • WannaCrypt just the beginning as Shadow Brokers tease more NSA tools

    WannaCrypt just the beginning as Shadow Brokers tease more NSA tools

    Microsoft had previously patched the vulnerability, but many computers had not installed the updates and were left exposed. As the group wrote: "Each month peoples can be paying membership fee, then getting members only data dump each month".

    Trump's intel disclosure to Russia put spy in danger

    Yet U.S. allies and some members of Congress expressed concern bordering on alarm. Still, the revelations sent a White House accustomed to chaos reeling anew.

    Healthy SC teen dies of heart problems after too much caffeine

    Coroner's Association. "I stand before you as a brokenhearted father and hope that something good can come from this", Cripe said. Based on Cripe's weight, Watts says the amount of caffeine consumed was above what is considered a "safe limit".
  • Ronaldo could take Madrid to brink of title in Celta Vigo

    Ronaldo could take Madrid to brink of title in Celta Vigo

    The result saw Barcelona stay atop the La Liga table on head-to-head record, but Real Madrid maintain their vital game in hand. Once he was back on his feet, Nacho found Correa waiting for him and the Argentinean starting pushing the Madrid player about.
    Egypt discovers new necropolis in Minya, first in area

    Egypt discovers new necropolis in Minya, first in area

    Salah al-Kholi, a university professor of Egyptology, said: "We found catacombs containing a number of mummies ". The burial chamber was first detected a year ago by a team of Cairo University students using radar.
    Woman attempts to drive GOP congressman off road over health care vote

    Woman attempts to drive GOP congressman off road over health care vote

    The 35-year-old is accused of then getting out of her auto , walking up to the congressman's and pounding on the windows. They say she was arrested and charged with reckless endangerment after posting details of the encounter on Facebook.
  • Scream Queens Cancelled by Fox

    Scream Queens Cancelled by Fox

    Despite noise in January that the show would still be up for renewal, the writing remained written in blood on the wall. According to E! New, it looks like Scream Queens fans no longer have to wait to learn the fate of their series.

    Warren Buffett's one-word answer for why he hasn't purchased Amazon shares

    Buffett said his federal income taxes would have gone down 17 percent a year ago if the GOP bill was in effect. Berkshire held its annual shareholders meeting this weekend in Omaha, Nebraska.
    Top Baby Names: Emma, Noah Reign; Caitlyn Plunges Out of Top 1,000

    Top Baby Names: Emma, Noah Reign; Caitlyn Plunges Out of Top 1,000

    For boys, the top picks are Noah (which is the top boy's name four years running), Liam, William, Mason, and James. The most popular 21st century names for girls before 2014 were Sophia, Isabella and Emily.
  • Putin offers transcript of Trump meeting with Lavrov

    Putin offers transcript of Trump meeting with Lavrov

    The person who described the Comey memo to the AP was not authorized to discuss it by name and spoke on condition of anonymity. In a statement, Israel's ambassador to the U.S., Ron Dermer , said the partnership between the U.S and Israel was solid.

    Thomas eager to write new chapter in book of Isaiah

    Washington's victory evens the series at three games apiece, and sets up a decisive Game 7 in Boston on Monday (8:00 PM ET, TNT). This was the first win by a home team facing elimination on its court in these National Basketball Association playoffs.
    Hizbul Mujahideen won't hesitate to kill Kashmiris too: Defence expert

    Hizbul Mujahideen won't hesitate to kill Kashmiris too: Defence expert

    He said that "India to trying to create a group like ISIS to defame the militant outfits who are fighting against them". On the other hand, Defence Minister Arun Jaitley called it a dastardly act of cowardice by terrorists.