Published: Thu, May 18, 2017
Hi-Tech | By Grace Becker

Microsoft says after WannaCry attack governments should end 'hoarding' security vulnerabilities

Finally, do not forget to back up your important files regularly.

If the user detects the malware within seconds after running it, he must power off the machine, then use an external boot disk to boot the machine and run a cleaner tool to prevent the ransomware from encrypting all his files. Researchers at Symantec and Kaspersky Lab have found similarities between WannaCry and previous attacks blamed on North Korea. Figuring that out could yield important clues to the identity of its authors. But some organizations didn't apply it, and others were running older versions of Windows that Microsoft no longer supports. Read on to learn how you can make your PCs and laptops safe from the WannaCry ransomware.

Basic tips such as a standard reluctance to open attachments in emails from strangers (though a well-trodden path) are suggested, as well as targeted warnings among organisations. Analysts at the European Union cybersecurity agency said the hackers likely scanned the internet for systems that were vulnerable to infection and exploited those computers remotely. It encrypted users' computer files and displayed a message demanding $300 to $600 worth of the digital currency bitcoin to release them. Failure to pay would leave the data scrambled and likely beyond repair unless users had unaffected backup copies. After three days, the $300 ransom increases to $600. And even finding a real person might be no help if they're in a jurisdiction that won't cooperate.

Given the scope of the attack, relatively few people appear to have actually paid the ransom. But they could all be drawing conclusions from a very small set of clues. A researcher from Google posted on Twitter that an early version of WannaCry from February shared some of the same programming code as malicious software used by the Lazarus Group, the alleged North Korean government hackers behind the destructive attack on Sony Corp. in 2014 and the theft of $81 million from a Bangladesh central bank account at the New York Fed the previous year. Another security company, Symantec, related the same findings, which it characterized as intriguing but "weak" associations, since the code could have been copied from the Lazarus malware.

Forensics, though, will only get investigators so far. The officials spoke to The Associated Press on condition of anonymity because they aren't authorized to speak publicly about an ongoing investigation.

The hackers remain anonymous for now, but it appears that they are amateurs. For more detailed information about the Windows vulnerability and how to resolve it, see Microsoft Security Bulletin MS17-010 - Critical. That wasn't done here. FedEx, Nissan, and the United Kingdom's National Health Service were among the victims.

While the domain registration put a stop to the ransomware's spread, it did not solve the problem for any system that had already been hit by the attack. "But remember that a breach anywhere in the system - like an outdated ATM OS - can lead to breaches in the servers, bank systems and compromise of customer data", said an executive with ATM maker NCR. Because the files are encrypted, removing the malicious software does almost nothing to resolve the situation, leaving the data on the computer completely lost.

In the United Kingdom, hospitals were crippled by the cyberattack, which forced operations to be canceled and ambulances to be diverted.
