Published: Thu, May 18, 2017
Hi-Tech | By Grace Becker

WannaCry Ransomware Attack Could Spark Lawsuits - But Not Against Microsoft

WannaCry Ransomware Attack Could Spark Lawsuits - But Not Against Microsoft

Scammers apparently inspired by the WannaCry ransomware attack have been repeatedly calling an unwell 80-year-old Palmerston North woman, even ringing at midnight to try and con her. The precedent may impact other software sellers, too.

Here are a few important things that you need to know about the worst ever cyber attack witnessed by the world: What is a ransomware?

In what one of the most significant cyberattacks ever recorded, computer systems from the Russia, Brazil and the US were hit beginning Friday by malicious software that exploited a vulnerability in Microsoft's Windows operating system.

If you are a home Windows XP user, patch immediately follow up with an upgrade.

The infections spread quickly, reportedly hitting as many as 100 countries, with Russian systems affected apparently more than others. A patch is a software used to correct any loophole in a programme including security vulnerabilities. The Hitachi ATMs deployed by many White Label ATM players and Yes Bank were impacted by the malware.

China's National Computer Network Emergency Response Center has confirmed that by 14 May, half of the infected IPs were located in China.

Calling themselves the Shadow Brokers, the group first appeared in 2016 claiming that they had access to 75% of the U.S. cyber arsenal, which they offered to auction to the highest bidder.

Australian companies warned about global cyber attack
That program spread much more quickly than expected, soon choking and crashing machines across the internet. The Andhra Pradesh systems were isolated PCs and not connected to larger networks, he said.

Microsoft had released a patch in March to counter WannaCrypt ransomware, the company also issued a prompt update on Friday to Windows Defender to detect the WannaCrypt attack. Up till now, the global cyber-attack has affected more than 200,000 victims in 150 countries, which also includes India.

In a blog post, published by Brad Smith, president and chief legal officer at the company, on Sunday he said that the attack was enabled through National Security Agency (NSA) stockpiling exploits, rather than openly sharing discovered exploits so they could be fixed. The worm will then work its way through all of the computers within the network, and proceed to infect each and every one of them, even if the ransomware wasn't directly executed from any of these stations. Yet tens of thousands of computers weren't updated, allowing the malware the room it needed to spread.

Ensure regular penetration testing is conducted within your environment to identify your organisation's overall attack surface.

"That way, if they become compromised in a ransomware attack, you can wipe your disk drive clean and restore the data from the backup".

But with Microsoft making an exception this time and providing the patch free to XP users, it may come under pressure to do the same next time it issues a critical security update.

The state-run People's Daily compared the cyber attack to the terrorist hacking depicted in the USA film "Die Hard 4", warning that China's role in global trade and internet connectivity opened it to increased risks from overseas. Security patches would be available for clients with older machines, but only if they paid for custom support agreements.

How To Protect Yourself From WannaCry Ransomware? That's what the lawmakers and federal officials should be focusing on - not on trying to discourage consumers from using encryption on their smartphones, or on building stockpiles of malware based on vulnerabilities they alone have found.

Like this: