Published: Sun, May 14, 2017
Sci-tech | By Carrie Guzman

Microsoft makes fixes free in wake of cyberattack


More than 75,000 computers in 99 countries were compromised in Friday's attack, with a heavy concentration of infections in Russian Federation and Ukraine, according to Dutch security company Avast Software BV.

"Although ransomware on a public sector system isn't even newsworthy, systems being hit simultaneously across the country is (contrary to popular belief, most NHS employees don't open phishing emails which suggested that something to be this widespread it would have to be propagated using another method)", MalwareTech wrote. After that, the price would be doubled.

Spain's Telefonica was among the companies hit.

It said the attacks had not affected the companies' services or data protection of their clients. "(Which is a shame, because that would have meant computers would have been patched earlier)". Two security firms - Kaspersky Lab and Avast - said they identified the malicious software in more than 70 countries.

"I was quickly able to get a sample of the malware with the help of Kafeine, a good friend and fellow researcher".

In Germany, rail operate Deutsche Bahn said its systems were infected and made some electronic boards at stations announcing arrivals and departures were affected.

"Then the kill switch was pulled and everything went live. You need JavaScript enabled to view it".

The ransomware appeared to exploit a vulnerability in Microsoft Windows that was purportedly identified by the U.S. National Security Agency for its own intelligence-gathering purposes. That group has been leaking pieces of more than a gigabyte worth of older NSA software weapons since August.

It was not yet known who perpetrated Friday's attacks. Dozens of countries were hit with a huge cyberextortion. Russia's health ministry said its attacks were "effectively repelled".

"But our immediate priority as a government is to disrupt the attack, restore affected services as soon as possible, and establish who was behind it so we can bring them to justice".

Kasperksy's Baumgartner did note that although the ransomware was able to offer "how to pay" documents in dozens of languages, the only language whose writing was flawless was Russian, with the others showing distinct signs that a non-native speaker had written them.

Also unknown is whether there are multiple coordinated attacks underway.

It's moving so quickly in part because the exploit it's based on may allow it to because of a so-called "spreader" element it contains that allows it to spread quickly.

WannaCrypt/WannaCry ransomware has affected Windows XP systems across the globe.

China tests new missile in waters near North Korea
Force tested the new missile in the Bohai based on annual training programme, the defence ministry said in a brief statement. While the DF-26 could be useful against THAAD, China also has several other missiles that are up to the task, Song said.

As Dillon noted above, it's very likely the code was introduced into networks but didn't do anything until instructed to by whoever was behind it.

The statement said there were thousands of cyberattacks daily "and Romania is no exception".

The Computer Emergency Response Team of Turkey tweeted that the "wannacry ransomware" is spread over Server Message Block flaws. But they could still linger as low-grade infections that flare up from time to time.

The cyberattack affected 16 organizations that are part of the National Health Service on Friday, causing some surgical procedures to be canceled and ambulances diverted.

Computers infected with WannaCry will have their data encrypted, and display a ransom note demanding $300 or $600 in bitcoin to free the files.

Experts say it will be hard for them to replicate the conditions that allowed the so-called WannaCry ransomware to proliferate across the globe.

United Kingdom authorities believe this was a ransomware program known as Wanna Decryptor. Home Secretary Amber Rudd said all but six of the NHS trusts back to normal Saturday.

"It's an worldwide attack and a number of countries and organizations have been affected", she said.

"For so many organizations in the same day to be hit, this is unprecedented", he said. The NHS Merseyside website was down Friday afternoon local time. He said companies can apply the patch released in March to all systems to prevent WannaCry infections. Patients were asked not to come to hospitals unless it was an emergency.

There were no details on which companies were targeted or the origin of the attack.

John Caldwell, a doctor in Liverpool, told the Guardian he had "no access to record systems or results".

It turned out that the ransomware code was written to connect to an unregistered domain and "if the connection is not successful it ransoms the system, if it is successful, the malware exits". We are dealing with urgent problems only.

"As long as people don't patch, it's just going to keep going".

Like this: