Microsoft warns ransomware cyber-attack is a wake-up call

Cyber Attack

Should we blame Microsoft for not patching older versions of Windows that were left vulnerable to the attack?

The company also reiterated a call it made earlier this year for an global agreement among states to shield civilians and corporate noncombatants from hacking.

The attack crippled more than 200,000 computers around the world.

"The numbers are still going up", he said. But this is something we haven't seen before.

His concerns were echoed by James Clapper, former director of national intelligence under President Barack Obama.

"Now more than ever, it's critical for IT professionals to make a business case for more resources", said Tsai.

On affected computers, the WannaCry software encrypts files and displays a ransom message demanding $300 in bitcoin.

The attack that authorities say swept 150 countries this weekend is part of a growing problem of "ransomware" scams, in which people find themselves locked out of their files and presented with a demand to pay hackers to restore their access.

Other organisations targeted worldwide included Germany's rail network Deutsche Bahn, Spanish telecommunications operator Telefonica, French carmaker Renault, US logistics giant FedEx and Russia's Interior Ministry. The attack quickly spread across the world, until a cybersecurity researcher accidentally found a kill switch in the code - an unregistered domain name that he purchased for $10.69 to halt the WannaCry hack, at least temporarily. It also hit a "limited number" of US companies over the weekend, a senior DHS official confirmed to Fox News. Smith says there's a real risk that criminals will steal them. If not, update right away. In some cases, they were machines involved in manufacturing or hospital functions that proved too hard to patch without possibly disrupting crucial operations, security experts said. The NSA tools were stolen by hackers and dumped on the internet.

"More action is needed, and it's needed now", he said.

Microsoft reportedly released a security update for current operating systems in March that protected against the malware. It turns out, this ransomware made use of a flaw that the NSA had been holding in its back pocket for years, causing Microsoft to speak out against government agencies "hoarding" security vulnerabilities for their own uses, while also pointing out that customers need to stay on top of updates to remain secure.

Granted, some companies will have more machines running Windows XP and Vista, which lost support earlier this year, than others. So even people with older computers should update them. To ensure that other computers are not infected, switch off the network. But some experts have argued this attack could have been vastly mitigated if the NSA told Microsoft sooner. The criminals behind the attack have not yet been identified. "But there's clearly some culpability on the part of the US intelligence services".

He said most people "are living an online life", and these agencies have a duty to protect their countries' citizens in that realm as well. "Otherwise they're literally fighting the problems of the present with tools from the past". "It's a handy thing to have, but it's a risky thing to have".



Other news