NSA Told Microsoft of Flaw Before Ransomware Attack

Fernando Stephens
May 19, 2017

Can you imagine? Software that could hold a city's sewage system for ransom?

Last Friday, the largest cyberattack ever affected more than 200,000 computers in more than 150 countries.

"In case the client is using pirated or old software which is making them victim to cyber crime, no money will be paid", said a senior executive of a private insurance company who also said there is a spike in queries of cyber insurance. "Cautious online behavior would probably have prevented the malware from infecting the network in the first place".

Cyber risk has been one of the hottest topics in the re/insurance industry, with re/insurers racing to develop new models and products to provide cover for cyber threat - recognised as a top risk to businesses in Europe and the USA, and now with attacks like these, increasingly across the globe. "Security is the most important factor these days and we are pleased to attend a forum which enlightens us about these solutions".

A photo taken on May 15, 2017 shows staff monitoring the spread of ransomware cyber-attacks at the Korea Internet and Security Agency (KISA) in Seoul. Three vital email security tips for defending against ransomware are then presented. In this case, the attackers are asking for at least $300 in bitcoins for each computer affected by the attack.

In other words, if people had simply stayed on top of security updates, their machines would not have been infected. Windows sent out an update in March for Windows 10 but many people didn't install it.

Even though WannaCry specifically targeted Windows machines, that does not mean Mac or Linux users are off the hook in the future.

Being the software security provider to the recently hacked NHS has not hurt Sophos (SOPH). Have you updated your computer and downloaded the latest version of Windows (or MacOS if you use an Apple computer)? Mr Kamden of NordVPN said 30 per cent of popular anti-virus systems were capable of detecting and neutralizing the ransomware. But the profits criminals can make through ransomware and other malicious code ensure the problem will never vanish.

Trump's ex-adviser Flynn will not honor Senate subpoena
Flynn, through his lawyer, had earlier asked for immunity from "unfair prosecution " in exchange for agreeing to cooperate with the committee.

"Our key direction to you is to remember that we are in this with our customers - we are trusted advisers, counselors, and suppliers to them", he wrote.

The developer has chosen to remain nameless but uses the Twitter account @malwaretechblog.

Echoing that view, the former government official said: "One way to view it might be: they made a defective product that the current laws don't make them liable for, and force you to buy a new product otherwise you are vulnerable to harm from the existing product". Do regular backups of your data, both locally with an external drive and in the Cloud.

For larger businesses with hundreds or thousands of employees, applying security updates organizationwide can be hard. This sophisticated, self-propagating malware was created to spread to all other computers on the same network after infecting one machine.

Despite the high profile of WannaCry, widespread malware outbreaks have become less common over the years, as Microsoft has improved the security of its systems, said Ziv Mador, vice president for security research at Trustwave, a security services firm.

Businesses that are at particular risk of a ransomware attack are those where operational access to data is critical, which is why the impact on the NHS has been disproportionately serious. The series features ideas, opinions and insights from end-users, analysts, systems integrators and OEMs.

When you try to open a file, a message appears, demanding a ransom.

Still, there are no guarantees that a victim actually will receive a decryptor key after paying a ransom to cyberthieves, he acknowledged, making the decision to pay a ransom a hard call.

Other reports by BadHub

Discuss This Article