Microsoft says ransomware attack should be a 'wake-up call' for governments

Amos Gonzales
May 18, 2017

The virus exploits a vulnerability in Microsoft Windows XP software, first identified by the US National Security Agency. "Report such instances of fraud to CERT-In and law enforcement agencies", CERT-In said. In the United Kingdom, where the initial attack threw parts of the health care system into chaos Friday, the government scheduled an emergency meeting Monday afternoon to discuss the attack.

The DHS has a cadre of cyber security professionals that can provide expertise and support to critical infrastructure entities, it said in a statement.

Organizations around the world spent the weekend trying to recover after being hit by a virus that seeks to seize control of computers until victims pay a ransom. But U.K. hospitals, Chinese universities and global firms like Fedex also reported they had come under assault. They might be hiding out in countries that wouldn't be willing to extradite suspects for prosecution, said Robert Cattanach, a former U.S. Justice Department attorney and an expert on cybersecurity. "It's a big priority of mine that we protect the financial infrastructure", he said.

Investigators might also be able to extract some information about the attacker from a previously hidden internet address connected to WannaCry's "kill switch".

Germany's national railway says that it was among the organizations affected by the global cyberattack but. The exploit was leaked last month as part of a trove of NSA spy tools.

Now that this "WannaCry" malware is out there, the world's computer systems are vulnerable to a degree they haven't been before, unless people everywhere move quickly to install Microsoft's security patches.

Britain is spending around 50 million pounds ($64 million) on improving the security of the National Health Service's computer systems and had warned the NHS it faced cyber threats, defense minister Michael Fallon said on Sunday. Microsoft released patches over the weekend to protect Windows versions against the attacks.

The patches won't do any good for machines that have already been hit.

Trump does not think U.S. should copy Australia's health system: White House
Despite this assurance, many United States citizens are anxious that they will not be able to afford healthcare under the changes. Trump returned to NY on Thursday night for the first time since he took office on January 20.

"Expect to hear a lot more about this tomorrow (Monday) morning when users are back in their offices and might fall for phishing emails", or other as yet unconfirmed ways the worm may propagate said Christian Karam, a Singapore-based security researcher.

In the US, "the list of victims is very small", a Department of Homeland Security official tells NPR, noting that it's still relatively early in the WannaCry attack. Europol, the European Union's police agency, said the onslaught was at "an unprecedented level and will require a complex worldwide investigation to identify the culprits".

Barts Health, which runs five hospitals in London, said Sunday it was still experiencing disruption to its computer systems and it asked for the public to use other NHS services wherever possible. Smith was responding to reports that the "ransomware" virus dubbed WannaCry had locked up over 200,000 computers across the world. State media reported that digital payment systems at some gas stations were offline, forcing customers to pay cash.

The effects were felt across the globe, with Russia's Interior Ministry and companies including Spain's Telefonica, FedEx Corp.in the US and French carmaker Renault all reporting disruptions.

A ransomware attack that began in Europe on Friday is lingering - and hitting new targets in Japan and China. The other is to disable a type of software that connects computers to printers and faxes, which the virus exploits, O'Leary added. Please, he urged, don't ignore security updates.

The WannaCry ransomware software itself - which encrypts the victim's data and demands a bitcoin ransom to unlock it again - was fairly ordinary. Here's how to turn automatic updates on.

Enable the "Show file extensions" option in the Windows settings on your computer.

Other reports by BadHub

Discuss This Article

FOLLOW OUR NEWSPAPER