ibusinesslines.com
ibusinesslines.com May 24, 2017


Still running Windows XP? Here's what to do about WannaCrypt ransomware

20 May 2017, 03:56 | Jodi Jackson

After Ransomware Attack, Wary Banks Shut Down Some ATMs

Even if you paid the ransom, WannaCry probably won't give your files back

(In China, that country's love of pirated software, which typically doesn't receive updates, contributed to WannaCry's virulent spread there on Monday).

As news continues to spread of WannaCry, the vicious strain of malware that has already attacked 200,000 computers in over 150 countries since Friday, Internet users are scrambling to educate themselves on their new cyber enemy. The software giant squarely but the blame on spy agencies for such incidents in a blog post published by Microsoft President and Chief Legal Officer Brad Smith Sunday. "This is an emerging pattern in 2017". "We have seen vulnerabilities stored by the Central Intelligence Agency show up on WikiLeaks, and now this vulnerability stolen from the NSA has affected customers around the world".

Then there's the USA government, whose Windows hacking tools were leaked to the internet and got into the hands of cybercriminals.

"An equivalent scenario with conventional weapons would be the USA military having some of its Tomahawk missiles stolen", Smith said. While the hackers used aspects of stolen NSA data to launch the attack, there is no evidence to show the attacks were initiated by USA intelligence.

In February, Smith first called for the creation of what he has dubbed a Geneva Convention for cyberspace, which would outlaw nation-state cyberattacks on critical infrastructure and tech companies. "This attack provides yet another example of why the stockpiling of vulnerabilities by governments is such a problem", said Smith.

So far nobody knows, but it could be anyone who took advantage of vulnerabilities discovered by the NSA and released publicly along with an attack that exploits it known as ETERNALBLUE.


"In an interview on ABC's Good Morning America, Tom Bossert, the homeland security adviser of President Donald Trump said people should consider the Wannacry ransomware attack to be "under control" right now" but "represents an extremely serious threat". And just as they are unlikely to pay for an upgrade to their operating systems, they may not want to - or be able to - pay for security fixes.

Mac or Linux users are at the moment safe from harm, but there remains a risk they could be infected via the intranet once a member computer is infected. Previous year too, around 3.2 lakh debit cards were compromised in the country due to a malware attack that affected ATM machines of Hitachi during three months of May, June and July of 2016. The computer screen locks up, and displays two count-down clocks - one displaying the time until the ransom doubles and the other the time until all files are deleted. The massive attack left victims locked out of their PCs with a promise of restored access if a fee of as high as $300 was paid in digital currency Bitcoin-and a threat of destroyed files if the ransom is not met. A Twitter bot tracking the payments made to WannaCrypt now has the value paid for ransoms at $55,800.

He also noted that the action appeared to be criminal in nature since the hackers are demanding money from those whose computers were infected by WannaCry ransomware.

The Vietnam Computer Emergency Response Team (VNCERT), under the Ministry of Information and Communications, has issued warnings as well as offered protection measures to all users to guard against the ransomware and its variations, which target Microsoft Windows - an operating system that is widely used in Vietnam, especially the outdated Windows XP.

Microsoft ended support for Windows XP in April 2014, which meant the company stopped providing any security updates or technical support for the OS since then. "Otherwise they're literally fighting the problems of the present with tools from the past", he said. And while Microsoft said it had already released a security update to patch the vulnerability a month earlier, it would appear that the NSA hadn't told the USA tech giant about the security risk until after it had been stolen.



Other News

Trending Now

Uttarakhand landslide: 800 among about 2000 stranded people resume journey
SP Chamoli said that she has informed the police at Badrinath to stop the downward movement of any vehicle from the shrine till the road gets open.

Senior White House aide 'person of interest' in Russian Federation probe
This is not the first time Trump's White House has offered an explanation for an event that was later directly contradicted. Rosenstein said he had "discussed the need for new leadership at the FBI" with then-senator Sessions last winter.

Trump tells Russians Comey was a 'nut job'
Robert Mueller, who served as FBI chief under George W Bush, was appointed this week as special counsel for the investigation. A memo by fired FBI Director Comey alleged Trump even asked that the probe into Flynn be shut down.

First gameplay video and more news revealed for Destiny 2
When asked by PCGamer about the servers, Bungie PC lead David Shaw said, "We do not have dedicated servers for Destiny 2 on PC". In Countdown , the new 4v4 competitive PvP mode, the first team pull off six rounds of either arming or disarming bombs wins.

Can't vilify EVMs by hacking a look-alike machine — EC to AAP
Even if one person feels that his vote is not going to the party he voted for, then the EC should mull over the concern seriously. CPI national secretary Atul Anjan asked. "With this demonstration, it has been proved that EVMs can actually be hacked".

The Lib Dems want what remains of the Remain vote
Labour has "lost the right to call themselves the opposition" by failing to make a stand on Brexit, Mr Farron said. The Scottish Government says Police Scotland loses £35 million per year because of the rules on Value-Added Tax .

IT researcher Marcus Hutchins who accidentally halted NHS cyber attack speaks out
With everyone expecting a second spike in cyber attacks he said it was "encouraging" that no fresh attacks were conducted. A spokesman said: "Our understanding is that if that had been acted on it would have prevented [the malware attack]".