Published: Thu, May 18, 2017
Money | By Armando Alvarado

Pirated, outdated operating systems contributes in global ransomware attack

Ransomware spreads by using a vulnerability in implementations of "Server Message Block" (SMB) in Windows systems, said the Cyber Swachhta Kendra (Botnet Cleaning and Malware Analysis Centre). He adds that governments should report vulnerabilities like the one at the center of the WannaCry attack. For those systems that can not be updated, he suggested blocking SMB traffic on ports 139 and/or 445.

"We could use a national cybersecurity policy", said Gartner cybersecurity analyst Avivah Litan.

The victims include hospitals, universities, manufacturers and government agencies in countries like Britain, China, Russia, Germany and Spain. The figure could climb as new infections were reported in Asia.

Computers around the globe were hacked beginning last Friday using a security flaw in Microsoft's Windows XP operating system, an older version that was no longer given mainstream technical support by the USA computing giant. The vulnerability had been stolen from the NSA and then dumped onto the internet by a hacking group.

The data shows that newer operating systems that were patched prior to last week's ransomware attacks, including Windows 7 and Windows 10, make up a 83 percent share of all business computers.

Computers booting up to start the workweek might continue the spread of "WannaCry", a ransomware attack where hackers lock down a computer and threaten to delete all its data unless a ransom is paid.

ANZ and Westpac upgrade next season's NZ milk price forecasts
European Union wholesale markets weakened in April for most products, with the exception of butter and whey powder. Prices of lactose, skim milk powder and cheddar climbed 2%, 1% and 0.6%, respectively.

The advice from security experts and the National Crime Agency (NCA) is do not pay the ransom. Because numerous computers impacted run older Windows systems like XP, Microsoft issued a rare patch for XP, which it had stopped updating more than three years ago.

On Monday, cyber security experts were telling everyone not to give in to those demands.

"They're kind of stuck now because the world is looking for them and the minute they touch those bitcoin wallets, they're going to leave a trail and people are going to be on to them", she said. As of midafternoon Monday, a Twitter bot tracking payments to the wallets said the accounts had a total of a little over $55,000 in them. A recent study by Oxford Economics and consultancy CGI found that breaches of cybersecurity eroded the share prices of companies pretty much permanently. "I don't think there is one".

According to the report, "the high price highlights the quandary the world's biggest software company faces as it tries to force customers to move to newer and more secure software, while at the same time earning a profit from the army of engineers it employs on security issues".

The Electronic Frontier Foundation also called for more visibility into the government's use of security flaws, saying Wanna Cry "points to the need for transparency into and reform of how the government handles software vulnerabilities it retains".

Like this: