tiptrot.com
tiptrot.com October 17, 2017


Ransomware Cyber-Attack A Wake-Up Call, Microsoft Warns

20 May 2017, 02:47 | Deanna Wagner

Repeatedly, exploits in the hands of governments have leaked into the public domain and caused widespread damage.

The attacks used ransomware that apparently exploited a security flaw in Microsoft operating systems, locking users' files unless they pay the attackers a designated sum in the virtual currency Bitcoin.

Technical staff scrambled on Sunday to patch computers and restore infected ones, amid fears that the ransomware worm that stopped vehicle factories, hospitals, shops and schools could wreak fresh havoc on Monday when employees log back on.

Cyber security experts said the spread of the virus dubbed WannaCry had slowed but that the respite might only be brief amid fears it could cause new havoc on Monday when employees return to work.

When a demand for ransom payments appears on a user's screen - $300 at first, doubling to $600 in a few days - it's usually too late: All files on that computer have been encrypted and are unreadable by their owners.

The cyberattack, which began in London Friday morning, has so far affected 150 countries and locked 200,000 computers.

The hackers staging the onslaught, the official said, "have broken ranks with a foreign intelligence service", apparently referring to the National Security Agency (NSA) of the United States.

Ransomware is a type of malware that blocks access to a target's data until a ransom is paid, usually in a cryptocurrency such as bitcoins.

The effect in Asian nations so far on Monday has been limited.


Microsoft distributed a patch two months ago that could have forestalled much of the attack, but in many organizations it was likely lost among the blizzard of updates and patches that large corporations and governments strain to manage.

Brad Smith, who is Microsoft's chief legal officer, said Sunday in a blog post that his company, its customers and the government all share the blame. "We have seen vulnerabilities stored by the Central Intelligence Agency show up on WikiLeaks, and now this vulnerability stolen from the NSA has affected customers around the world". He says that when the NSA lost control of the software behind the cyberattack, it was like "the USA military having some of its Tomahawk missiles stolen".

A Jakarta hospital said on Sunday that the cyber virus had infected 400 computers, disrupting the registration of patients and finding records. Shortly after that disclosure, Microsoft announced that it had already issued software "patches", or fixes, for those holes - but many users haven't yet installed the fixes or are using older versions of Windows.

"As cybercriminals become more sophisticated, there is simply no way for customers to protect themselves against threats unless they update their systems", Mr Smith said.

When it comes to the ransomware attack, some observe that criticism of the NSA is misplaced, given that Microsoft had patched the vulnerability prior to its disclosure. If there is a flaw in Windows, the company said, surely the safest thing to do is to let its team know straight away so it can be fixed.

Marin Ivezic, cybersecurity partner at PwC, said that some clients had been "working around the clock since the story broke" to restore systems and install software updates, or patches, or restore systems from backups. Worldwide shipper FedEx Corp said some of its Windows computers were also breached. Tough - time-consuming, expensive and complex.

On top of that, the NSA would likely be able to claim that it is shielded from liability under the doctrine of sovereign immunity, which says that the government cannot be sued over carrying out its official duties. The malware spreads through e-mail.

Becky Pinkard, from Digital Shadows, a UK-based cyber-security firm, told AFP news agency that it would be easy for the initial attackers or "copy-cat authors" to change the virus code so it is hard to guard against.



Other News

Trending Now

Mexican Award-winning Journalist Shot Dead in Sinaloa
The CPJ reported that, in the weeks before his murder, Valdez told the CPJ that he was concerned for his safety. They also held up photos of other murdered colleagues.

Pulis explains West Brom stance after pulling out of Taylor deal
It's a risk that, at this moment, is not worth taking'. "We wanted to find out what the price was to see if we'd be interested". You could do that and they put an extraordinary price on it.

Fact Check: 'We Don't Have Health Care In This Country,' Trump Says
That means approximately 800,000 people with high-cost health conditions would be left without affordable health insurance . Premiums were often extremely high, and there were frequently lifetime or annual limits on coverage.

China presses South Korea on Thaad missile system
Moon's phone conversation with Japanese Prime Minister Shinzo Abe started at 2:25 p.m. and lasted 25 minutes, said Yoon. Trump told Moon he looked forward to meeting in person and that he should feel free to call whenever necessary.

Senate Intelligence Committee requests Comey memos
The person who described the Comey memo to the AP was not authorized to discuss it by name and spoke on condition of anonymity. A pair of Senate committees, meanwhile, wants more information about Comey's interaction with President Trump.

Trump campaign had at least 18 undisclosed contacts with Russians
Fired National Security Adviser had six previously undisclosed conversations with Russian ambassador Sergei Kislyak . Their discussions included plans to create a back channel for Trump and Putin to communicate.

Deepika Padukone at her stunning best: Top 5 'game changer' looks
On Day 1 of Cannes Film Festival yesterday, it was Deepika's turn to hit one of the world's most stylish red carpet. The actress has shown she can rule the red carpet, as she creates memorable outfits and captivating looks.

Veteran actress Reema Lagoo dies at 59
We dug out a video interview of her of 2009 where Reema was told that Salman chose her as his favourite on-screen mother. Here, she played the character of Shah Rukh Khan's mother who supports and strengthens him during his last few days.

Colorado delegation wants more info on Comey
Amash is a member of the hard-line House Freedom Caucus who has already has called for an independent commission to investigate. The letter came after the Senate Intelligence Committee made a similar request for Comey's memos.

Activist backtracks on BHP plan
In regards to onshore USA petroleum, Mackenzie said that all options were on the table. After the meeting, an Elliott spokesman said the meeting was private but constructive.