China's banking regulator to step up protection after cyber attack

Angelica Greene
May 19, 2017

There's a blame game brewing over who's responsible for the past week's cyberattack that infected hundreds of thousands of computers. "We need governments to consider the damage to civilians that comes from hoarding these vulnerabilities and the use of these exploits".

"Insurance cover only takes care of data or financial loss".

The WannaCry malware works by sending users a text file with a ransom demand for some $300 worth of bitcoins.

The attack was widely publicized, its kill switch was identified early, the malware was poorly coded from a profit perspective, and the attack was amateurish overall, he told the E-Commerce Times. "Microsoft can't be proud".

Analysts have noticed an uptick of ransomware attacks in recent years, with most predicting an even bigger increase in 2017. So it makes sense to assign some responsibility to the NSA - the attackers didn't come up with this security hole on their own, after all.

"This attack provides yet another example of why the stockpiling of vulnerabilities by governments is such a problem". It leveraged an exploit - a tool created to take advantage of a security hole - leaked in a batch of hacking tools believed to belong to the NSA.

"The governments of the world should treat this attack as a wake-up call", Smith said.

IT providers and security firms are encouraging companies and users to make sure they install the official patch from Microsoft.

With waiver, US lets Iran keep getting benefits of nuke deal
House Speaker Paul Ryan last month, Secretary of State Rex Tillerson said Iran had complied with its commitments. Worldwide sanctions will not "snap back", as President Obama said they would if Iran cheated.

Tottenham's Harry Kane scores four in Leicester City rout
He is now in pole position to claim the golden boot after his four-goal haul which took him past last season's total. Tottenham's Harry Kane celebrates with Ben Davies after scoring the third goal against Leicester City.

Speeding vehicle strikes pedestrians in New York City's Times Square
They spoke to The Associated Press on the condition of anonymity because they weren't authorized to speak publicly. One person is dead and at least 22 are hurt after a auto crashed into pedestrians in Times Square Thursday.

However, proof positive of just how bad the spread of "WannaCry" has been, the company did something it hasn't done in years: released a security patch for Windows XP.

Beijing has previously said the proliferation of fake news on USA social media sites, which are largely banned in China, is a reason to tighten global cyber governance. Those running Windows 10 are safe from harm; WannaCry targets older versions of Microsoft's OS, including Vista, Windows 7, and Windows 8.1. (Mac users have been unaffected, he said.) Windows XP was released in 2001.

"For Microsoft to say that governments should stop developing exploits to Microsoft products is naive", said Brian Lord, a managing director at PGI Cyber and former deputy director at the Government Communications Headquarters, one of the U.K.'s intelligence agencies. He noted, however, the complexity that can be involved in patching a security hole. They were faced with the most devastating attack on IT systems that they had ever seen. Once those corrupted emails or files are opened, not only does the virus encrypt files from a long list of file types, but it also scans the networks connected to that computer in search of similar vulnerabilities so that it can spread to other file systems and computers, and eventually hold entire file systems hostage. Multiple backups also help.

"It's not rocket science", Litan said. Asked what the company is doing to prevent such exploitations, he cited "basic IT security blocking and tackling".

Other computers potentially at risk are those that have not been receiving regular software updates known as "patches" that Microsoft distributes regularly via Internet.

This cyberattack used a security hole that still exists for computers running older versions of Windows.

The cyber ransomware attack infected at least two lakh computers in various countries according to European Union's law enforcement agency, Europol.

They exploited a ideal storm of factors - the Windows hole, the ability to get ransom paid in digital currency, poor security practices - but it's unclear if the payoff, at least so far, was worth the trouble.

Other reports by GizPress

Discuss This Article