Saturday, 25 November 2017
Latest news
Main » Microsoft blames US stockpiled vulnerability for ransomware attack

Microsoft blames US stockpiled vulnerability for ransomware attack

19 May 2017

The hackers then demand $300 in order to release control of the files.

The attack, known as "WannaCry" had a key influence across Asia with Chinese state media saying nearly 30,000 institutions had been infected.

Ransomware known as "WannaCry" was unleashed on Friday and exploited vulnerabilities in outdated versions of Microsoft Windows.

Meanwhile, new versions of the ransomware have reportedly surfaced, including one without the kill switch exploited by a 22-year-old computer security researcher to shut the attack down.

A hacking group called Shadow Brokers released the malware in April, claiming to have discovered the flaw from the NSA, Kaspersky said.

The agency and its partners in the global security community are now in a "sort of cat-and-mouse" competition with hackers, as variants of the software that foil previous solutions emerge, the official says.

Consumers are also at risk.

Warriors Blow Out Spurs, Take 2-0 Series Lead
It seemed like the Golden State Warriors were having a shootaround by themselves tonight in Game 2 of the West Finals. They did a great job, by the way, getting us here. "Kawhi being gone, I don't think as I watched".

Asked why a £5 million contract with Microsoft to protect the XP machines had been terminated, the spokesman said that £50 million had been made available to NHS bodies for cyber security in the 2015 spending review.

The Japan Computer Emergency Response Team Coordination Center, a nonprofit providing support for computer attacks, said 2,000 computers at 600 locations in Japan were reported affected so far.

NHS Digital, which oversees United Kingdom hospital cybersecurity, said it sent alerts about the problem - and a patch to fix it - to health service staff and IT professionals last month.

Also hit were Deutsche Bahn, the Russian Central Bank, Russian Railways, Russia's Interior Ministry, Megafon and Telefónica.

"NSA should be embarrassed - they've had a lot of damaging leaks", said James Lewis, a former US official who is now a cyber expert at the Center for Strategic and International Studies.

Experts were urging organizations and companies to update older Microsoft operating systems immediately to limit vulnerability to a more powerful version of the malware — or to future versions that can't be stopped.

"If customers have automatic updates enabled or have installed the update, they are protected".

Iran's re-engagement with the world at stake in Friday presidential vote
However, Fars believes that it would raise the rating of the president running for the second term by only 2%. Ghalibaf has lost twice in previous elections, first to Ahmadinejad in 2005 and then to Rouhani in 2013.

A massive malware attack was launched on Friday, affecting at least 75,000 computers in 99 countries.

As per the Cyber Swachhta Kendra (Botnet Cleaning and Malware Analysis Centre), ransomware spreads by using a vulnerability in implementations of "Server Message Block" (SMB) in Windows systems. But the success of the attack shows that not enough people took advantage of the patch. It's a good idea to back up files to a drive that remains entirely disconnected from your network. He said the software attacking a vulnerability had been incorporated with other software and delivered in a way to cause "infection, encryption and locking". But they appear to be less damaging than WannaCry.

In China, universities and other educational institutions were among the hardest hit, about 15 percent of the internet protocol addresses attacked, according to the official Xinhua News Agency.

Lawrence Abrams, a New York-based blogger who runs BleepingComputer.com, says many organizations don't install security upgrades because they're anxious about triggering bugs, or they can't afford the downtime.

"Some expensive hardware (such as MRI scanners) can not be updated immediately, and in such instances organizations will take steps to mitigate any risk, such as by isolating the device from the main network", it said.

"At the moment we are in the face of an escalating threat, the numbers are going up, I am anxious about how the numbers will continue to grow when people go to work and turn their machines on Monday morning", he told ITV's Peston On Sunday.

Deere Shares Jump as Demand Improves
Still, equipment net sales in the US and Canada fell 5% for the quarter as global sales increased 14%. Deere sees net income of about $2 billion, up from its previous estimate of around $1.5 billion.