Published: Thu, May 18, 2017
Money | By Armando Alvarado

4 takeaways from the WannaCry cyberattack


The worldwide "ransomware" cyber-attack spread to thousands more computers on Monday as people across Asia logged in at work, disrupting businesses, schools, hospitals and daily life.

Lawrence Abrams, a New York-based blogger who runs BleepingComputer.com, says many organizations don't install security upgrades because they're anxious about triggering bugs, or they can't afford the downtime. "If someone kidnaps your child, you may pay your ransom but there is no guarantee your child will return". This particular program, called WannaCry, asks for about $300, though the price increases over time. Once it infects one computer within a network, it can spread to all the computers in that network "within seconds", said Israel Levy, the CEO of the cybersecurity firm Bufferzone.

Circulars were also issued to all Indian missions overseas according to sources in the ministry of external affairs.

Security minister Ben Wallace said that the NHS had followed "pretty good procedures" in dealing with the attack.

But those computers infected by the ransomware appear to be outdated devices that organizations deemed too expensive to upgrade, or too hard to patch without disrupting crucial operations, the Guardian reported. And that's just the ones they tracked. "I am anxious about how the numbers will continue to grow when people go to work and turn [on] their machines on Monday morning".

If you're running a Windows-powered PC, make sure all your software is up to date. Don't click on links that you don't recognize, nor download files from people you don't know personally.

You're out of luck.

While the effect on companies in the Americas was not yet clear, aftershocks elsewherefrom the "Wannacry" virus have so far been mild.

At present, the so-called "kill switch" for the attack, discovered by a young British cybersecurity researcher, is no longer effective. As soon as he registered the domain, the ransomware appeared to stop spreading.

According to the researchers at Heimdal Security, hackers have upgraded the ransomware, and it is now popping up without the Achilles heel - carrying the name Uiwix. As there is no decryption tool for the malware until now, users have no choice but to pay up to get back their data.

There is now no way to fix a computer that's infected by WannaCry.

Microsoft has had a whirlwind last few days.

Special Counsel Mueller Has a History in Mass.
In a written statement, Mr Trump insisted anew there were no nefarious ties between his campaign and Russian Federation . During a commencement address Wednesday at the Coast Guard Academy, he complained bitterly about criticism he's faced.

Many experts say wiping your machine and relying on backups is a better way to go.

Smith said the "ransomware" attacks had used data stolen from the NSA earlier this year - which contained information on software vulnerabilities the government had hoped to hoard - and subsequently leaked them online.

Does WannaCry affect my Mac, iPhone or Android?

If your computer is affected, Microsoft has made the MS17-010 patch available for download.

Microsoft president and chief legal officer, Brad Smith, said by keeping software weaknesses secret, vendors are left in the dark, can't issue updates and their customers are left vulnerable to attacks such as the one that exploded this weekend.

Experts urged organizations and companies to immediately update older Microsoft operating systems, such as Windows XP, with a patch the firm released two months ago to limit vulnerability to a more powerful version - and future versions - of the malware. Users of Windows 7, Windows 8.1 and Windows Vista can protect themselves by updating the software by running Windows Update on their computer.

India is on high alert, monitoring critical networks across sectors like banking, telecom, power and aviation to ensure that systems are protected against the attack that has claimed victims in more than 150 countries over the weekend.

The diabolical part of that is corporate computers are typically controlled by IT departments that choose when to send updates to computers.

And considering the scope of the latest attack - FedEx, Nissan and Telefonica were targeted along with governments and hospitals - investors may continue to flock to cybersecurity companies.

The WannaCry or WannaCrypt ransomware attack deployed a Windows exploit that the National Security Agency had used for its own purposes until it was leaked in April by the hacking group Shadow Brokers.

Other experts also blamed the government.

Like this: