WannaCry Ransomware: Microsoft Calls Out NSA For 'Stockpiling' Vulnerabilities

Share

In fact, related or copycat attacks may have begun without being detected yet.

Microsoft Corporation is pointing its finger at the United States government, while some experts say the software giant is accountable too.The attack started Friday and has affected computers in more than 150 countries, including severe disruptions at Britain's National Health Service. The Windows vulnerability theft from the NSA is directly tied to WannaCry.

He went on, though, to emphasize that the attack had demonstrated the "degree to which cybersecurity has become a shared responsibility between tech companies and customers", the latter of whom must update their systems if they want to be protected.

"Many companies subscribe to the theory that if it's 'not broke, don't fix it, ' especially those that aren't prioritizing IT", Spiceworks senior technology analyst Peter Tsai told told ZDNet. It was responsible for crippling Britain's hospital network and Germany's railway, along with other governments and infrastructures worldwide.

An afternoon recap of the day's most important business news, delivered weekdays.

The ransomware is mainly targeting devices that run very old versions of software like Windows XP and which are unpatched. WannaCry is ransomware - malicious software that encrypts people's data, then demands payment in exchange for decryption. Security experts believe that WannaCry has initially infected computers by getting people to download it via email. For example, there's medical equipment that uses Windows in its control computer, but can't be updated.

More news: Sturridge: Liverpool will decide if I'm still here next term
More news: Airlines group urges alternatives to extending electronics ban
More news: "Guardians of the Galaxy Vol. 2" tops box office in North America

At least a dozen other NSA tools are now being discussed and worked on as the basis of potential new cyberweapons on hacking forums on the dark web - parts of the internet not accessible via normal search engines. However, the immediate preventive measure before any more ransomware attacks emerge is upgrade all Windows systems, said the security firm. The ransomware attack will force hundreds of thousands of users of older versions of the Windows operating system to upgrade to recent versions such as Windows 10 Pro - which now retails on the Windows store for a sweet Rs 14,999.

"The problem is that there are a lot of Windows computers out there that either don't have automatic updates enabled or are so outdated that Microsoft has stopped providing security updates altogether", Vox said.

An infection map shows not only Andhra Pradesh, but also several other spots in India under threat.

"I'm surprised that it took this long for someone to use the ShadowBrokers leak", said Georgia Weidman, founder and CTO of the Shevirah cyber-security company, who noted that the malware exploit a vulnerability in Windows that's existed for almost a decade. A group called the Shadow Brokers were able to steal the tools last summer and started publishing them online. Last week, someone pulled the trigger. The longer the users wait, the higher the ransom money. This particular application is what we call the WannaCry Ransomware, which asks for at least $300 from the user. That may not be easy.

But researcher Ethan Heilman, a doctoral student in computer science at Boston University, said some of those tumbler services are essentially fences who may try to steal the hackers' bitcoin proceeds.

One area that may lead to coverage disputes would be the ease with which the problem could have been avoided, he said.

Share