Thursday, 24 May 2018
Latest news
Main » Microsoft blames US stockpiled vulnerability for ransomware attack

Microsoft blames US stockpiled vulnerability for ransomware attack

19 May 2017

The hackers then demand $300 in order to release control of the files.

The attack, known as "WannaCry" had a key influence across Asia with Chinese state media saying nearly 30,000 institutions had been infected.

Ransomware known as "WannaCry" was unleashed on Friday and exploited vulnerabilities in outdated versions of Microsoft Windows.

Meanwhile, new versions of the ransomware have reportedly surfaced, including one without the kill switch exploited by a 22-year-old computer security researcher to shut the attack down.

A hacking group called Shadow Brokers released the malware in April, claiming to have discovered the flaw from the NSA, Kaspersky said.

The agency and its partners in the global security community are now in a "sort of cat-and-mouse" competition with hackers, as variants of the software that foil previous solutions emerge, the official says.

Consumers are also at risk.

Twin bomb blasts rock university of Maiduguri in Nigeria, 1 dead
The Police in Borno State have confirmed the incident, but said only the suicide bombers were killed in the incident. Isuku said the scene of the attacks have been visited by EOD personnel and that normalcy has been restored.

Asked why a £5 million contract with Microsoft to protect the XP machines had been terminated, the spokesman said that £50 million had been made available to NHS bodies for cyber security in the 2015 spending review.

The Japan Computer Emergency Response Team Coordination Center, a nonprofit providing support for computer attacks, said 2,000 computers at 600 locations in Japan were reported affected so far.

NHS Digital, which oversees United Kingdom hospital cybersecurity, said it sent alerts about the problem - and a patch to fix it - to health service staff and IT professionals last month.

Also hit were Deutsche Bahn, the Russian Central Bank, Russian Railways, Russia's Interior Ministry, Megafon and Telefónica.

"NSA should be embarrassed - they've had a lot of damaging leaks", said James Lewis, a former US official who is now a cyber expert at the Center for Strategic and International Studies.

Experts were urging organizations and companies to update older Microsoft operating systems immediately to limit vulnerability to a more powerful version of the malware — or to future versions that can't be stopped.

"If customers have automatic updates enabled or have installed the update, they are protected".

Ferry Service Launches Between Russia, North Korea Despite US Demands
The aged ship, which used to ferry goods between Japan and North Korea, was fully renovated for the new route. The North has carried out two atomic tests and dozens of missile launches since the beginning of past year .

A massive malware attack was launched on Friday, affecting at least 75,000 computers in 99 countries.

As per the Cyber Swachhta Kendra (Botnet Cleaning and Malware Analysis Centre), ransomware spreads by using a vulnerability in implementations of "Server Message Block" (SMB) in Windows systems. But the success of the attack shows that not enough people took advantage of the patch. It's a good idea to back up files to a drive that remains entirely disconnected from your network. He said the software attacking a vulnerability had been incorporated with other software and delivered in a way to cause "infection, encryption and locking". But they appear to be less damaging than WannaCry.

In China, universities and other educational institutions were among the hardest hit, about 15 percent of the internet protocol addresses attacked, according to the official Xinhua News Agency.

Lawrence Abrams, a New York-based blogger who runs BleepingComputer.com, says many organizations don't install security upgrades because they're anxious about triggering bugs, or they can't afford the downtime.

"Some expensive hardware (such as MRI scanners) can not be updated immediately, and in such instances organizations will take steps to mitigate any risk, such as by isolating the device from the main network", it said.

"At the moment we are in the face of an escalating threat, the numbers are going up, I am anxious about how the numbers will continue to grow when people go to work and turn their machines on Monday morning", he told ITV's Peston On Sunday.

New York driver suspect Richard Rojas was 'hearing voices'
At least 22 people have been injured and one is dead after a speeding auto struck pedestrians in New York City's Times Square. Rojas' mother was also brought in for questioning; she said nothing to reporters as detectives led her to a waiting vehicle .