U.S. should not stockpile cyber weapons, Microsoft says

Microsoft release Wannacrypt patch for unsupported Windows XP, Windows 8 and Windows Server 2003

The worldwide effort to extort cash from computer users is the first widely successful example of ransomware that self-replicates like a virus, and it prompted Microsoft to quickly change its policy, announcing free security patches to fix this vulnerability in the older Windows systems still used by millions of individuals and smaller businesses.

Wanna Decryptor is an encryption-based ransomware, which is also known as WannaCry or WCRY. WannaCry reportedly used an infection vector developed by the US National Security Agency. And while Microsoft said it had already released a security update to patch the vulnerability one month earlier, the sequence of events fed speculation that the NSA hadn't told the US tech giant about the security risk until after it had been stolen. The virus took control of users' files and demanded $300 payments via Bitcoin to restore access.

"This attack is a powerful reminder that information technology basics like keeping computers current and patched are a high responsibility for everyone, and it's something every top executive should support", he said.

"I still expect another to pop up and be fully operational", Kalember said.

And while the British government stressed only one in five of its NHS hospitals had been struck, 11 of those 47 hospitals still reported issues on Monday - causing delays and cancelled appointments, according to the BBC.

Soon, after the initial release of the ransomware took place on May 12, 2017, a United Kingdom -based researcher going by the name of MalwareTech happened to accidentally discover a "kill switch" hardcoded in the malware while trying to analyze the attack. But this doesn't mean those whose computers run on Apple or Linux code should feel smug. Smith's post wasn't fair, argued a source with experience at U.S. Cyber Command, an offensive-minded cyber warfare unit commanded by the director of the NSA.

The phenomenon of companies failing to update their systems has been a persistent security problem for years. The attack can come from opening an email attachment or clicking on a link. That affordable move redirected the attacks to the server of Kryptos Logic, the security company he works for.

"It's this constant battle", said Ryan O'Leary, vice-president of WhiteHat Security's threat research centre.

Because the attack occurred on Friday, right before people left their offices and went home for the weekend, many computers weren't affected because they simply weren't in use. "It won't be too late as long as they're not infected".

Cyber-security specialists are bracing themselves for new versions of the computer "worm" - so-called because it burrows its way deep into computer systems - to materialise in the coming day. On Friday, a global cyberattack affected those who hadn't updated their systems. Those who have Windows Update enabled are protected against attacks on this vulnerability.

Related:

Comments


Other news