What we currently know about the global cyberattack

Fernando Stephens
May 19, 2017

In a blog post, Microsoft admonished governments around the world for keeping software vulnerabilities to themselves, instead of reporting them to the developers. Hackers will sometimes encourage you to keep your computer on and linked to the network, but don't be fooled. The ransomware effectively takes the computer hostage and demands a US$300 ransom, to be paid within 72 hours in bitcoin.

In the meantime, businesses up and down the country were advised to patch as 48 National Health Service trusts in England began to report problems, with 13 NHS organisations in Scotland also being affected.


What was going on?

More than 320 public IP addresses in Romania were affected by the WannaCry ransomware virus, with a lot of them being in Bucharest (94) and Iasi (38), according to data from the Romanian National Computer Security Incident Response Team, CERT-RO. As I wrote about several years ago, you should not be using old versions of Windows because it's a security risk.

CERT warns that users should "be careful when clicking directly on links in emails, even if the sender appears to be known; attempt to verify web addresses independently (e.g., contact your organization's helpdesk or search the Internet for the main website of the organization or topic mentioned in the email)".

"After this malicious program operating on a ransomware system gets into your computer, it requires you to make a payment to provide access to your information on your computer".

There are other types of ransomware out there.

Knowing this was a ransomworm, rather than a normal ransomware, I turned to one of the experts on malware that can spread across Windows networks, Roi Abutbul.

The most frustrating thing about all of this - from an outsider's perspective - is the realization that so many companies, and their employees, lack the dedication to cybersecurity protection options.


It's only a matter of time before people get messages on their auto screens saying that the engine has been disabled and it will cost $200 in bitcoin to turn it back on. They called their virus WannaCry.

Intelligence agencies should be legally required to give up any cyberweapons that don't specifically target the military capabilities of adversary states.

Utilize antimalware and antivirus software tools and services.

WannaCry leverages a Windows vulnerability that the NSA knew about, and which was disclosed in January 2017. The problem is that not all customers installed the patch. Security Update KB401258 protects vulnerable Windows and Windows Server editions, including Windows 8, Vista, XP and Windows Server 2003 and 2008. The extortion scheme has created chaos in 150 countries and could wreak even greater havoc as more malicious variations appear.

To exploit the vulnerability, in most situations, an unauthenticated attacker could send a specially crafted packet to a targeted SMBv1 server. The fact that it only works against old Windows systems shows that it is specifically directed against civilian infrastructure, such as public sector networks that are often administered cheaply, by overworked and less qualified information technology professionals, on obsolete hardware, with software that won't run on Windows 10. The software that fixed the WannaCry vulnerability came out in a regular second-Tuesday update, which may have made it seem more routine. Still, beyond the piracy issue, we will no doubt hear for weeks about WannaCry infections because some organizations will be slow to install the patches. But that's also a warning call for you to look at upgrading your computer - which probably isn't good news at planting time or with corn under $4, but your farm data is important and should be protected.

Keep your computer up to date.

Lawrence Abrams, a New York-based blogger who runs BleepingComputer.com, says many organizations don't install security upgrades because they're anxious about triggering bugs, or they can't afford the downtime. Those behind the malware attack used the flaw to get into Windows systems.

Third, don't be complacent with the usual ways that malware spreads.

It's unlikely that backups alone would have prevented the WannaCry ransomware attack, especially if there are time-delayed attacks that have been let loose and are waiting to activate. That means you can't train your way out of this.
