Published: Fri, May 19, 2017
Sport | By Gary Shelton

Cyber-Security Experts Fear the Progression Of 'WannaCry' Ransomware


At least one Australian business has been affected by the global "WannaCry" ransomware attack, the nation's Cyber Security Minister confirmed. Microsoft's practice of discontinuing support for older versions of its operating systems leaves those still running them vulnerable.

Microsoft President Brad Smith, in a blog post Sunday, compared the mishap to "the USA military having some of its Tomahawk missiles stolen".

"Because simply by threatening another leak after leaking two sets of Microsoft exploits, Shadow Brokers will ratchet up the hostility between Microsoft and the government". He says that when the NSA lost control of the software behind the cyberattack, it was like "the US military having some of its Tomahawk missiles stolen".

Some major technology companies, including Alphabet Inc's Google and Facebook Inc, declined comment on the Microsoft statement.

Expert and Security agencies are yet to find that who is behind the attack. The Securities and Exchange Board of India is keeping a close eye on network security measures for its own systems.

Security firms and government agencies also issued warnings about further attacks using the same vulnerabilities used by WannaCry.

The RBI has asked banks to follow the instructions of government organisation CERT-In on ransomware, which has impacted various IT networks in over 150 countries. But they appear to be less damaging than WannaCry.

He added that most of the exploits The Shadow Brokers May release are still patchable, though exploits to Android handsets might remain "devastating".

Microsoft's free custom support could have stopped 'WannaCrypt'
If you find a problem, disconnect your machine immediately from the internet or other network connections (such as home Wi-Fi). The researcher, identified only as "MalwareTech", found a " kill switch " within the ransomware as he studied its structure.

"Out of that batch, it is probably a high-water mark", Manky said. The security flaw that hackers used to launch the attacks on Friday was made public after information was stolen from the NSA, which routinely searches for flaws in software and builds tools to exploit them, the report said. Microsoft did issue patches for the vulnerabilities before the attacks took place, but not everyone downloaded them. That is the line taken in an editorial in the state-run China Daily, which focuses on the role of leaked code from the U.S. National Security Agency that laid the groundwork for the attack.

"But this is one in which what's broken is the system by which we fix".

The China Daily pointed to the US ban on Chinese telecommunication provider Huawei Technologies Co Ltd, saying the curbs were hypocritical given the NSA leak.

Daniels offered a few more ways to improve the system: "In the future, I think we need to arrive at some metrics for measuring how severe and exploitable a particular vulnerability is".

The malware behind WannaCry (also called WannaCrypt, Wana Decryptor or WCry) was reported to have been stolen from the NSA in April.

The White House did not respond to a request for comment about the status of the review process.

All-India Bank Officers Confederation Secretary S.K. Srinivas said the auto-shutdown of ATMs would be rectified soon.

In Congress, Republican Senator Ron Johnson and Democratic Senator Brian Schatz are working on legislation that would codify the review process.

Like this: