Phone scam claiming to provide WannaCry ransomware supports

Regolare Commento Stampare

The WannaCry ransomware cyber attack has claimed around 2 lakh victims across 150 countries so far, combing its malware attacks from both Friday and Monday, however, India remained relatively safe.

On Wednesday security firms Bitdefender and Proofpoint found hackers using the same exploit to spread cryptocurrency-mining malware called Adylkuzz.

Indian IT experts have cautioned users that ransomware Wannacry may affect various organizations in the country in the upcoming days. No federal systems were affected.

French automaker Renault and its partner, Nissan, say their plants were hit by the attack, NBC reports. However, the day after the outbreak Microsoft released an emergency security patch for Windows XP. One of them, according to computer security experts, provided the blueprint for the latest malware. One month earlier, Microsoft had released a patch targeting the vulnerability.

The U.S. Computer Emergency Readiness Team, part of Homeland Security, urged U.S. victims to contact the Federal Bureau of Investigation.

"The recent attack is at an unprecedented level and will require a complex global investigation to identify the culprits", Europol's European Cybercrime Center says.

Natalie Coull, lecturer in ethical hacking at Abertay University in Dundee, told the Times: "The WannaCry crisis highlights the need for organizations like GCHQ to employ people with offensive security skills, which was only recently acknowledged in the UK's national cybersecurity strategy last November".

An interior ministry spokeswoman said about 1,000 computers using Microsoft Windows were attacked but these had been isolated from networks.

It's tempting for an intelligence service to find ways to shut down an adversary's power grid or hospital system, or to hack traffic lights in a big city to cause chaos. For most users, that patch is applied as an automatic update.

This includes making sure software is downloaded from a legitimate source and remains up to date. Most modern Windows PCs were automatically updated to prevent the exploit, but older computers - those running Windows XP, for example - are no longer routinely supported by Microsoft.

"Most of the Indian organisations are still vulnerable to the attacks since the sophistication of these cyber threats is going up and many of Indian organisations including private and public sector still use outdated operating systems which make it easy for the cyber attackers to compromise the systems". "There are plenty of reasons people wait to patch and none of them are good". If you still can't update, Microsoft has instructions for how to totally disable SMBv1 on your system.

"I don't think it's over".

Many pieces of digital equipment - like the MRI scanners used by the United Kingdom's National Health Service, which run Windows XP - can not be upgraded as easily as a PC.

While encrypting individual computers it infects, WannaCry code does not attack network data backup systems, as more sophisticated ransomware packages typically do, security experts who have studied WannaCry code agree. Attacks can exploit a broad spectrum of vulnerabilities-although phishing is possibly the most common-basically enticing a user to click on an innocent-looking email attachment, which then drops a deadly payload on the computer.

Meanwhile, petrol stations in the western city of Chongqing were unable to accept card payments after systems at China National Petroleum Corp became infected, the South China Morning Post reported. "That's what the data shows", MWR research head Pratley said. "Now, a medical diagnosis or an X-ray, for instance, can not be cancelled so therefore it has enduring value".

There is no single government policy that can mitigate the threat of ransomware. (Whether or not you see this as a good and necessary thing likely has a lot to do with your opinion of whether the NSA too often prioritizes its ability to hurt adversaries over the privacy and safety of USA citizens or over the privacy and safety of people in general).