Martes, 24 Abril, 2018

WannaCry ransomware attack shows the wisdom of having an offline Plan B

Cris De Lacerda | 19 May, 2017, 19:05

NHS hospitals in Wales and Northern Ireland were unaffected by the attack. According to Wainwright, the attack affected 200,000 users in 150 countries, including businesses and large corporations.

Alex is a technical writer for Firebrand Training. It doesn't matter if it is a personal photo or your companies most important excel sheet, if somebody encrypts your data files, it is very hard not to give in and pay the ransom.

The ransomware mixes copycat software loaded with amateur coding mistakes and recently leaked spy tools widely believed to have been stolen from the U.S. National Security Agency, creating a vastly potent class of crimeware. But now that experts have had a good look at the code, it appears WannaCry is a worm, not a phishing attack, and spreads not through an executable file but by manipulating each infected computer to send copies of itself out on the computer's network.

This was the moment ransomware caught the world's attention, and the attack should drive further initiatives for better, faster patching.

Then there's the USA government, whose Windows hacking tools were leaked to the internet and got into the hands of cybercriminals. Microsoft will try to wean customers off older operating systems so that it can move them to more advanced ones, reduce its overheads supporting vintage models, and maintain its revenue streams. The attack targets computers that did not patch a vulnerability in Windows 10, Windows 7, Windows XP, and Windows servers.

Microsoft stopped support for Windows XP and hence no security patches were released since April 2014 (with the exception of one emergency patch released in May 2014). Many voice applications, in fact, use speech recognition technology that is tied to the current Windows operating system, making a "port" to a new OS platform an even greater challenge. If you have questions or are unsure about whether your Microsoft Windows operating system received the crucial patch necessary to block this ransomware attack, contact CMIT Solutions immediately (973-325-3663). The need of the hour is to have an worldwide convention on cyber law and cyber security.

A piece of bad news - if it's true - is the theory that North Korea might have been behind the attack. Here's a look at what we know and what we can do in an effort to prevent future attacks. That way, if a hacker locked down your computer, you could simply erase all the data from the machine and restore it from the backup.

Other organizations, he said, may have stuck with legacy software because it worked and paying to upgrade to new versions of Windows didn't seem necessary.

Most IT security specialists advise victims not to pay such ransoms, but some organisations may feel they have no choice.

Here are some of the key players in the attack and what may - or may not - be their fault.

Applying the most recent Microsoft patches to environments will help protect computers from WannaCry infections.

Microsoft is now warning that the government practice of "stockpiling" software vulnerabilities so that they can be used as weapons is a misguided tactic that weakens security for everybody. Perhaps, an indication that the technology industry is now willing to take government-embarrassing methods to resist the surveillance agencies' desire to exploit or insert vulnerabilities in industry products.

Still, it was Microsoft that wrote the exploitable software to begin with.

"The governments of the world should treat this attack as a wake up call", Microsoft's president and chief legal officer, Brad Smith, wrote in a blog post.

"An equivalent scenario with conventional weapons would be the US military having some of its Tomahawk missiles stolen", the company said Sunday.

Agencies overseas including the European Union Agency for Law Enforcement Cooperation (Europol) are trying to identify the culprits behind this latest assault.