November 19 2017

Microsoft on WannaCry Ransomware: Government Secrecy Led to This

November 19 2017, 06:53 | Irvin Gilbert

Dozens Of Countries Hit By Huge Cyberextortion Attack

Global cyberattack locks up data, demands ransom

“The geography of attacks that hit post-Soviet Union most also suggests that.” In retrospect, what more convenient confluence of events could there be than having a handy justification for Q2 GDP missing again - just blame it on the computer virus - and accusing the Russian Federation of being responsible for the latest global slowdown.

The WannaCry virus has hit more than 150 countries and 200,000 computers, disrupting essential services such as hospitals, universities, warehouses and banks.

"The recent attack is at an unprecedented level and will require a complex worldwide investigation to identify the culprits", Europol's European Cybercrime Center says.

"Things could likely emerge on Monday".

Two months after Microsoft issued its security patch, thousands of computers remained vulnerable to the WannaCry attack. The ransomware was created to repeatedly contact an unregistered domain in its code.

"[The] worldwide ransomware attack shows what can happen when the NSA or Central Intelligence Agency write malware instead of disclosing the vulnerability to the software manufacturer", Lieu said in a statement.

"Thus by registering it we inadvertently stopped any subsequent infections", he told CNNTech.

A ransomware attack that began in Europe on Friday is lingering - and hitting new targets in Japan and China.

"Thankfully some researchers are already registering the new domains as they identify them", AlienVault researcher Chris Doman says.

Smith also pointed to Wikileaks revealing what it said were the CIA's hacking tools.

Governments and private security firms on Saturday said that they expected hackers to tweak the malicious code used in Friday's attack, restoring the ability to self-replicate. The company's free antivirus software Windows Defender, along with other third-party security products from those including Kaspersky Lab and Avast, will also detect and remove the threat.

The Shadow Brokers released Eternal Blue as part of a trove of hacking tools that they said belonged to the U.S. spy agency.

The ransomware is spread by taking advantage of a Windows vulnerability that Microsoft released a security patch for in March.

As per the advisory issued by CERT-In, the ransomware infects other computers on the same network and is also spreading through malicious attachments to e-mails.

"People going back to work on Monday may switch on their computers and see their systems have been impacted", he said.

U.S. package delivery giant FedEx, European auto factories, Spanish telecoms giant Telefonica, Britain's health service and Germany's Deutsche Bahn rail network were among those hit. The NHS said in a statement on Saturday that there was no evidence that patient information had been compromised.

Backing up data, Symantec adds, "is the single most effective way of combating ransomware infection". State media reported that digital payment systems at PetroChina gas stations were offline, forcing customers to pay cash.

"The global reach is unprecedented".

"I believe many companies have not yet noticed", said William Saito, a cyber security adviser to Japan's government.

In Spain, major companies including telecommunications firm Telefonica have been infected.

United Kingdom hospitals are not the only ones impacted by ransomware attacks.

Security officials in Britain urged organizations to protect themselves by applying security software fixes, running anti-virus software and backing up data elsewhere.

Writing in the British Medical Journal, he said: "We should be prepared: more hospitals will nearly certainly be shut down by ransomware this year".


The cyberattack has hit more than 300,000 computers, White House homeland security adviser Tom Bossert said at Monday's midday White House briefing.

Companies are often slow to apply these fixes, called patches, because of worries that any software change could break some other program, possibly shutting down critical operations.
