Scores of countries hit by cyber attack using stolen NSA tools

Fernando Stephens
May 20, 2017

WannaCry operates by locking users out of their systems, encrypting the data, and demanding a ransom, starting as high as $300 and payable in Bitcoin, to release it.

"You can point a lot of fingers, but I think given that this was not a zero-day vulnerability (for which no patch is available), the people hacked are to blame", said Robert Cattanach, a partner at the worldwide law firm Dorsey & Whitney and an expert on cybersecurity and data breaches.

Here are some of the key players in the attack and what may - or may not - be their fault.

He noted that Microsoft is calling for a "Digital Geneva Convention" that would require governments to report computer vulnerabilities to vendors rather than store, sell or exploit them. This makes the attacks powerless in your organisation.

While Microsoft has issued security patches to plug the hole, the makers of the WannaCry virus are still able to target millions of PCs that have not been updated. WannaCry reportedly used an infection vector developed by the US National Security Agency. The attack is believed to have been carried out using tools that were stolen from the NSA, which had been stockpiling a number of vulnerabilities in Windows OS, MacOS, etc. Microsoft patched the vulnerability by releasing an update, and the owners of infected machines simply had to install it, but clearly, that didn't happen. "We are taking the highly unusual step of providing a security update for all customers to protect Windows platforms that are in custom support only, including Windows XP, Windows 8, and Windows Server 2003".

Stronger rules are required to force companies to disclose when they have succumbed to a cyber attack, and penalties may be needed to encourage us all to be better cyber citizens.

Microsoft says all organizations using any version of their OS need to deploy Microsoft Security Bulletin MS17-010 immediately. Before Friday's attack, Microsoft had made fixes for older systems, such as 2001's Windows XP, available only to those who paid extra for extended technical support.

The company on Friday said it had added additional protection against the specific malware, and was working with affected customers.

According to Matthew Hickey, founder of the security firm Hacker House, the attack is not surprising, and it shows many organizations do not apply updates in a timely fashion.

How can a WCry attack be prevented? Backups are often also out of date and missing critical information.

Here's a guide from the Cyber Security Agency's SingCERT (Singapore Computer Emergency Response Team) on what to do if you become a victim.

"It's not rocket science", Litan said.

"This attack provides yet another example of why the stockpiling of vulnerabilities by governments is such a problem", he said. Asked what the company is doing to prevent such exploitations, he cited "basic IT security blocking and tackling". If you're not running a legal, official copy of Windows you can't register it, which means Microsoft can't send you updates about security patches.

Cybersecurity firm Avast said it had identified more than 75,000 ransomware attacks in 99 countries on Friday, making it one of the broadest and most damaging cyberattacks in history.
