Saturday, 27 May 2017
Latest news
Main » Microsoft blames US stockpiled vulnerability for ransomware attack

Microsoft blames US stockpiled vulnerability for ransomware attack

19 May 2017

The hackers then demand $300 in order to release control of the files.

The attack, known as "WannaCry" had a key influence across Asia with Chinese state media saying nearly 30,000 institutions had been infected.

Ransomware known as "WannaCry" was unleashed on Friday and exploited vulnerabilities in outdated versions of Microsoft Windows.

Meanwhile, new versions of the ransomware have reportedly surfaced, including one without the kill switch exploited by a 22-year-old computer security researcher to shut the attack down.

A hacking group called Shadow Brokers released the malware in April, claiming to have discovered the flaw from the NSA, Kaspersky said.

The agency and its partners in the global security community are now in a "sort of cat-and-mouse" competition with hackers, as variants of the software that foil previous solutions emerge, the official says.

Consumers are also at risk.

Former FBI director Mueller appointed as special counsel in Russian Federation investigation
John McCain, R-Ariz., said Trump would be making a mistake to start a rhetorical war with the new investigator. Trump said he was about to name a replacement for Comey, another move to settle the waters.

Asked why a £5 million contract with Microsoft to protect the XP machines had been terminated, the spokesman said that £50 million had been made available to NHS bodies for cyber security in the 2015 spending review.

The Japan Computer Emergency Response Team Coordination Center, a nonprofit providing support for computer attacks, said 2,000 computers at 600 locations in Japan were reported affected so far.

NHS Digital, which oversees United Kingdom hospital cybersecurity, said it sent alerts about the problem - and a patch to fix it - to health service staff and IT professionals last month.

Also hit were Deutsche Bahn, the Russian Central Bank, Russian Railways, Russia's Interior Ministry, Megafon and Telefónica.

"NSA should be embarrassed - they've had a lot of damaging leaks", said James Lewis, a former US official who is now a cyber expert at the Center for Strategic and International Studies.

Experts were urging organizations and companies to update older Microsoft operating systems immediately to limit vulnerability to a more powerful version of the malware — or to future versions that can't be stopped.

"If customers have automatic updates enabled or have installed the update, they are protected".

Pakistan says it does not accept ICJ's jurisdiction on security issues
After Modi, Home Minister Rajnath Singh and Finance and Defence Minister Arun Jaitley tweeted in quick succession praising Sushma. Pakistan Peoples Party leader Sherry Rehman told Dawn: "We based our case on jurisdiction and it proved weak".

A massive malware attack was launched on Friday, affecting at least 75,000 computers in 99 countries.

As per the Cyber Swachhta Kendra (Botnet Cleaning and Malware Analysis Centre), ransomware spreads by using a vulnerability in implementations of "Server Message Block" (SMB) in Windows systems. But the success of the attack shows that not enough people took advantage of the patch. It's a good idea to back up files to a drive that remains entirely disconnected from your network. He said the software attacking a vulnerability had been incorporated with other software and delivered in a way to cause "infection, encryption and locking". But they appear to be less damaging than WannaCry.

In China, universities and other educational institutions were among the hardest hit, about 15 percent of the internet protocol addresses attacked, according to the official Xinhua News Agency.

Lawrence Abrams, a New York-based blogger who runs BleepingComputer.com, says many organizations don't install security upgrades because they're anxious about triggering bugs, or they can't afford the downtime.

"Some expensive hardware (such as MRI scanners) can not be updated immediately, and in such instances organizations will take steps to mitigate any risk, such as by isolating the device from the main network", it said.

"At the moment we are in the face of an escalating threat, the numbers are going up, I am anxious about how the numbers will continue to grow when people go to work and turn their machines on Monday morning", he told ITV's Peston On Sunday.

Naming Special Counsel Is 'Very, Very Negative Thing' For National Unity
The investigation is open-ended, and at this point it is impossible to say how long it might take and what its outcome could be. Attorney General Jeff Sessions has recused himself from any existing or future investigations related to Russian Federation .