Published: Sat, May 20, 2017
Hi-Tech | By Grace Becker

Ways To Become a Smaller Target for Ransomware Hackers


Latest evidence suggests "phishing" emails are unlikely to have caused the WannaCry global cyberattack, however.

Who's being targeted for blame?

Since increasing numbers of systems running older versions of Windows were affected, Microsoft had made a decision to push an emergency patch for Windows XP and Windows Server 2003, urging users to deploy the patch as soon as possible to limit the impact of WannaCry.

"Repeatedly, exploits in the hands of governments have leaked into the public domain and caused widespread damage", he added.

Some organizations disconnect computers as a precautionary measure. When it infects a computer, it encrypts files, making them unusable, and demands a ransom to unlock the files. Whatever its source, it was published on the internet last month by a hacker group called ShadowBrokers.

Here are some of the key players in the attack and what may - or may not - be their fault.

Security experts at Symantec, which in the past has accurately identified attacks mounted by the United States, Israel and North Korea, found early versions of the ransomware, called WannaCry, that used tools that were also deployed against Sony Pictures Entertainment, the Bangladesh central bank previous year and Polish banks in February. As well as the NHS in the United Kingdom, it hit French auto manufacturer Renault, US delivery service FedEx, Russia's interior ministry and Spanish telecoms and gas companies.

Government agencies running obsolete software is also a huge problem.

"The governments of the world should treat this attack as a wake up call", Microsoft's president and chief legal officer, Brad Smith, wrote in a blog post.

First Tejas train to run on May 22
In his last year's Budget speech, Prabhu had promised Tejas to showcase the future of travelling by trains in India. Tejas Express will also run on the Delhi-Chandigarh and Surat-Mumbai routes, the Indian Railways has announced.

The ACLU, meanwhile, urged Congress to pass a law requiring the government to disclose vulnerabilities to companies "in a timely manner", so that they can patch them as soon as possible.

He noted that Microsoft is calling for a "Digital Geneva Convention" that would require governments to report computer vulnerabilities to vendors rather than store, sell or exploit them.

Avivah Litan, a cybersecurity analyst at Gartner, agreed that the government is "is negligent not doing a better job protecting companies", but added that it's not like "you can stop the USA government from developing cybertools" that then work as intended. It is likely that most, if not all of the outstanding exploits held by the Shadow Brokers, have already been fixed by Microsoft, Google, Apple and others.

Still, it was Microsoft that wrote the exploitable software to begin with. Even though there are ways to install the latest updates on updates on Windows which are not genuine, Microsoft is also implementing restrictions every once in a while, so depending on the release, it could be more or less hard to patch a pirated Windows copy. The coders didn't seem to know quite what they were doing; even their ransom scheme was inept and, for all the millions of computers affected, only a few resulted in payment in bitcoin, to anonymised but viewable accounts, of just over $50,000. Updating software will take care of some vulnerability. He noted, however, the complexity that can be involved in patching a security hole.

Security experts have long warned about attacks on large numbers of unpatched systems, and while there's a slow migration to newer systems, it's not moving fast enough. No company - or hospital, or university, or individual - asks to be the victim of cybercrime, but there are also things companies can do to prevent the attacks from succeeding.

Bottom line: Make sure your device's software is up to date.

An informative paid backup software comparison on this PCMag article. "It never happens, because there are compelling reasons to stay the way it is", Nather said. Then Ransomware leverages flaws in the computer's operating system to force it to run Ransomware code.

However, the biggest issue is the rampant use of pirated windows software, which will in-fact result in no patch maintenance, which further means, more havoc in the country.

On Friday, May 12, the world was hit with a massive cyber-attack with over 200,000 computers across 150 countries affected.

Like this: