Don't Blame Microsoft For WannaCrypt Vulnerability Exploitation

Regolare Commento Stampare

Ransomware is a type of malicious software that restricts access to your computer or network and threatens to delete your data within an allotted time unless you pay a ransom.

The security holes it exploits were disclosed several weeks ago by TheShadowBrokers, a group that has published what it says are hacking tools used by the NSA as part of its intelligence-gathering. Created by the NSA and set up to take advantage of a Windows security issue, the WannaCry ransomware crippled businesses and state-run organizations around the world as the malware spread from computer to computer. In Russia, the mobile phone provider MegaFon, Sberbank, and Ministry of the Interior became the next victim. Critical emergency services such as hospitals and law enforcement in the United Kingdom have been broadly impacted by "Wanacrypt".

The ransomware virus is such lethal and smart that "it also drops a file named '!Please Read Me!.txt' which contains the text explaining what has happened (to the computer) and how to pay the ransom".

Security experts tempered the alarm bells by saying that widespread attacks are tough to pull off. In many cases, this is because they either did not have backups, or they believed it was a faster way of getting their business back up and running.

While the first wave of attacks was accidentally halted by a "kill switch" activated by a tech blogger, experts warn that a newer variant of the ransomware without the kill switch may soon been deployed.

Finding out who was behind the malware is going to be very hard. The program encrypts most of the host system's files and demands a $300 payment in anonymous virtual currency Bitcoin to trigger decryption. "We need governments to consider the damage to civilians that comes from hoarding these vulnerabilities and the use of these exploits". And while Microsoft had already released a security update to patch the vulnerability one month earlier, the sequence of events fed speculation that the NSA hadn't told the US tech giant about the security risk until after it had been stolen.

Europol said Saturday that the attack was of an "unprecedented level and requires worldwide investigation". But U.K. hospitals, Chinese universities and global firms like Fedex also reported they had come under assault. The company has been working on transitioning to such built-in technology from its now deprecated EMET exploit mitigation tool, something we've hoped Microsoft would do even before releasing Windows 10. This will continue till the time the threat of infection is reduced or when the ATM systems are updated with the latest software and security updates.

The rapid response from Microsoft indicates just how worrisome the ransomware attack has been for businesses around the world including vital organizations where computers are central to daily work such as hospitals and utility companies. Don't click on links that you don't recognize, or download files from people you don't know personally.

The government has long acknowledged the need to update its old IT systems. Better still, set the system to automatically do this on your behalf.