tiptrot.com
tiptrot.com June 27, 2017


Ransomware Cyber-Attack A Wake-Up Call, Microsoft Warns

20 May 2017, 02:47 | Deanna Wagner

Next cyber attack could be imminent, warn experts

German railways cyber attack

Repeatedly, exploits in the hands of governments have leaked into the public domain and caused widespread damage.

The attacks used ransomware that apparently exploited a security flaw in Microsoft operating systems, locking users' files unless they pay the attackers a designated sum in the virtual currency Bitcoin.

Technical staff scrambled on Sunday to patch computers and restore infected ones, amid fears that the ransomware worm that stopped vehicle factories, hospitals, shops and schools could wreak fresh havoc on Monday when employees log back on.

Cyber security experts said the spread of the virus dubbed WannaCry had slowed but that the respite might only be brief amid fears it could cause new havoc on Monday when employees return to work.

When a demand for ransom payments appears on a user's screen - $300 at first, doubling to $600 in a few days - it's usually too late: All files on that computer have been encrypted and are unreadable by their owners.

The cyberattack, which began in London Friday morning, has so far affected 150 countries and locked 200,000 computers.

The hackers staging the onslaught, the official said, "have broken ranks with a foreign intelligence service", apparently referring to the National Security Agency (NSA) of the United States.

Ransomware is a type of malware that blocks access to a target's data until a ransom is paid, usually in a cryptocurrency such as bitcoins.

The effect in Asian nations so far on Monday has been limited.


Microsoft distributed a patch two months ago that could have forestalled much of the attack, but in many organizations it was likely lost among the blizzard of updates and patches that large corporations and governments strain to manage.

Brad Smith, who is Microsoft's chief legal officer, said Sunday in a blog post that his company, its customers and the government all share the blame. "We have seen vulnerabilities stored by the Central Intelligence Agency show up on WikiLeaks, and now this vulnerability stolen from the NSA has affected customers around the world". He says that when the NSA lost control of the software behind the cyberattack, it was like "the USA military having some of its Tomahawk missiles stolen".

A Jakarta hospital said on Sunday that the cyber virus had infected 400 computers, disrupting the registration of patients and finding records. Shortly after that disclosure, Microsoft announced that it had already issued software "patches", or fixes, for those holes - but many users haven't yet installed the fixes or are using older versions of Windows.

"As cybercriminals become more sophisticated, there is simply no way for customers to protect themselves against threats unless they update their systems", Mr Smith said.

When it comes to the ransomware attack, some observe that criticism of the NSA is misplaced, given that Microsoft had patched the vulnerability prior to its disclosure. If there is a flaw in Windows, the company said, surely the safest thing to do is to let its team know straight away so it can be fixed.

Marin Ivezic, cybersecurity partner at PwC, said that some clients had been "working around the clock since the story broke" to restore systems and install software updates, or patches, or restore systems from backups. Worldwide shipper FedEx Corp said some of its Windows computers were also breached. Tough - time-consuming, expensive and complex.

On top of that, the NSA would likely be able to claim that it is shielded from liability under the doctrine of sovereign immunity, which says that the government cannot be sued over carrying out its official duties. The malware spreads through e-mail.

Becky Pinkard, from Digital Shadows, a UK-based cyber-security firm, told AFP news agency that it would be easy for the initial attackers or "copy-cat authors" to change the virus code so it is hard to guard against.



Other News

Trending Now

Mexican Award-winning Journalist Shot Dead in Sinaloa
The CPJ reported that, in the weeks before his murder, Valdez told the CPJ that he was concerned for his safety. They also held up photos of other murdered colleagues.

Why Chelsea boss Antonio Conte has been better than Pep Guardiola - Hasselbaink
Why would he come for one season? "For a new manager, it's not easy, but we worked hard and I think everybody picked it up well". I found the strength to change, to take responsibility to change systems and find a new fit for the players", he said.

CNN's Anderson Cooper interviews fired acting AG Sally Yates
Her comments came in an interview with CNN's Anderson Cooper , her first since President Donald Trump fired her in late January. Ultimately, she told Cooper , she has no regrets about her decisions during her tenure as acting attorney general.

Ceremony honors fallen officers
The exercise was part of the first-ever HOPE (Honoring Our Police in Elgin) Luncheon held Wednesday at the Centre of Elgin. A wreath was placed at the Troy Police Department during the ceremony and another at Bicentennial Park after the ceremony.

Chinese state media says US should take some blame for cyber attack
His point to governments is this: report vulnerabilities to vendors rather than exploit them. If you are running Windows 10, your computer won't be affected.

Another kidnapped Chibok girl free in Nigeria: presidency
Even if they are sheltered from the rest of society for security [reasons], they should be able to have access to their children. "We were already trying to negotiate peace with Boko Haram before the Chibok girls were kidnapped", Mr Mustapha said.

Kate Middleton Is Worried That Her Kids Will Misbehave at Pippa's Wedding
Tuesday's event marked the first of three garden parties that the Queen hosts each summer at her iconic London residence. As for her wedding gown, it's likely that Pippa will choose British designer Giles Deacon , reports Yahoo .

Veteran actress Reema Lagoo dies at 59
We dug out a video interview of her of 2009 where Reema was told that Salman chose her as his favourite on-screen mother. Here, she played the character of Shah Rukh Khan's mother who supports and strengthens him during his last few days.

SBI Q4 profit doubles to Rs 2815 cr as NPA situation eases
SBI's GNPAs for the quarter increased by 3.8 per cent QoQ in Q4FY17 to Rs 112342 crore. On NPA assets, Bhattacharya said the NCLT is open to the bank.

Information Trump shared with Russians came from Israel, official says
The information, which concerned a plot regarding aviation security and the Islamic State, was cited as being from a "partner". Even when intelligence is declassified, the government typically keeps secret the ways it acquired the intelligence.