November 19 2017

Ransomware cyber-attack a wake-up call

November 19 2017, 12:50 | Jodi Jackson

As discovered by a security researcher, the ransomware's killswitch is the website "".

A new email-based ransomware virus has locked up hundreds of thousands of computers in more than 150 countries hitting factories, hospitals, shops and schools worldwide over the weekend.

"WannaCry" works by encrypting files in the computer and demanding a ransom of $300 in order to recover the files.

Here's the link to the official update page by Microsoft, which includes patches for most of the versions. He says while it may be time consuming, update your software when it says it has an update.

Alongside Dame Fiona's review, the Care Quality Commission's July 2016 Care Quality Commission review into cyber security "Safe Data, Safe Care" also highlighted the risk posed by outdated IT systems.

WannaCrypt's victims included the National Health Service, Spain's Telefónica and numerous other organisations across the world.

In the United Kingdom, hospitals were crippled by the cyberattack, which forced operations to be canceled and ambulances to be diverted.

Though the worm is primarily affecting business, individuals with PCs running Windows should still take a few precautions. Microsoft released a software update in March that protects against this vulnerability, but we've since learned that many people did not update their computers. Also, it had advised users to update their systems to deploy the patch for the vulnerability (MS17-010).

According to the Ministry of Electronics and Information Technology (MeitY), it has activated a "preparedness and response mechanism" by instructing CERT-IN (Computer Emergency Response Team) to gather "all the information of the reported ransomware".

If you are already infected then there is not much you can do.

Afterwards, immediately move data to devices running non-Windows OS (Linux, Mac) and/or BACK UP/COPY all data to a separate MEDIA STORAGE.

The hackers remain anonymous for now, but it appears that they are amateurs.

That echoes the reporting of cyber security researchers, who have said the WannaCry was one exploit stockpiled by the NSA and that it became public when it leaked as part of the Shadow Brokers disclosures.

The French news agency AFP is reporting that a new, second attack linked to last Friday's WannaCry attack is in progress. The ransomware attacks have the capacity to spread over the network by scanning for vulnerable systems, and in turn, infecting them.

While the NSA has not commented on either the WannaCry attack or Microsoft's response, Tom Bossert, President Trump's Homeland Security advisor discussed at Monday's daily White House press briefing that the infection rate has been relatively low in the US compared to overseas infection rates, and that no federal systems have been compromised.

Other news