Jueves, 27 Julio, 2017

Microsoft blames United States government for 'stockpiling' vulnerabilities

Lucky break slows cyberattack; what's coming could be worse Microsoft criticizes governments for stockpiling cyber weapons, says attack is "wake-up call"
Ramiro Mantilla | 20 May, 2017, 11:24

WannaCry encrypts the data on a computer, and the user has to pay $300 in Bitcoin to receive the decryption key.

The initial WannaCry code included a way to stop the spread of the malware.

Recovering from the virus could cost businesses billions of dollars as they try to become operational once more.

With businesses and organizations across the globe reeling from a major ransomware attack - including the NHS in the UK - Microsoft has taken the unusual step of releasing a security patch for Windows XP, some three years after support for the antiquated OS was officially stopped. Larger organisations though may have policies that can cover damages as high as $500 - $600 million.

The Beijing News said Sunday that students at several universities around the country reported being hit by the virus, which blocked access to their thesis papers and dissertation presentations. As cyberattacks such as this continue to occur, companies will likely double down in their efforts to remain vigilant to new and more complicated threats. Brad Smith, Microsoft's top lawyer, criticized USA intelligence agencies for "stockpiling" software code that can be used by hackers.

The "WannaCry" malware exploits a hole in outdated Windows operating systems.

So criminals turned to targeted attacks instead to stay below the radar.

Not everyone has taken ransomware seriously enough, and that includes organizations and users that need to defend against ransomware; companies that develop the software platforms and can create better protections against ransomware; and governments, which prefer to hoard vulnerabilities instead of aiding firms in fixing the flaws in their software.

Microsoft had already released fixes to the vulnerability in March, but has provided further updates and reminders to users.

Always update systems and software with the latest security updates.

According to the Agency, then the Russian regulator said that the results of cyber attacks, the facts compromising the resources of banks were recorded.

Marin Ivezic, cyber security partner at PwC, said that some clients had been "working around the clock since the story broke" to restore systems and install software updates, or patches, or restore systems from backups.

Once inside an organization, WannaCry uses a Windows vulnerability purportedly identified by the NSA and later leaked to the internet.

In the US, FedEx reported its Windows computers were "experiencing interference" from malware but would not say if it had been hit by ransomware. And the United Kingdom government called an emergency meeting over the crisis. Microsoft worked throughout the day to ensure we understood the attack and were taking all possible actions to protect our customers.

As per the advisory issued by CERT-In, the ransomware infects other computers on the same network and is also spreading through malicious attachments to e-mails. The other is to disable a type of software that connects computers to printers and faxes, which the virus exploits, O'Leary added.