Governments Must Treat Cyber Attack as 'Wake-Up Call — Microsoft President

Cesar Mills
May 19, 2017

WannaCry is arguably the most frightening ransomware attack the world has ever seen.

Microsoft in March released a patch for users to remove the vulnerability, but long-standing delays in updating major systems-such as the National Health Service (NHS) in the United Kingdom -exacerbated by a lack of support from the software company, allowed the attack to spread quickly around the world.

At the Tirumala Tirupati Devasthanams, 20 workstations assigned for normal office work and running on Windows 7 and XP operating systems were infected by the virus and were immediately isolated from the network. WannaCry was especially successful because it was able to leverage the spy tools which the NSA developed to monitor the computers of suspected terrorists, an exploit which was leaked last month.

Microsoft had already released fixes to the vulnerability in March, but has provided further updates and reminders to users. WannaCry demonstrated how sophisticated these attacks have become. Organizations still using any of the unsupported platforms will get regular security updates only if they pay enormous fees for "custom support".

The massive ransomware campaign specifically targeted the healthcare industry.

Although the vulnerability has been patched by Microsoft, out-of-date versions of Windows - particularly Windows XP that remains ubiquitous despite being unsupported for two years - allowed WannaCry to propagate itself on what Europol described as an "unprecedented scale".

Microsoft and the government have said that a Microsoft patch would prevent the attack, but many computers lack that patch.

A good thing is that the flaw does not exist in Windows 10.

But it would still affect computers that did not have their software updated.

If you use old software that doesn't update automatically, set up a regular schedule to go to the company's website and download and install updates yourself - at least weekly.

Indian Computer Emergency Response Team (CERT-In) has come out with a list of dos and dont's and webcast on how to protect networks from the global ransomware attack.

Jose Mourinho praises match-winner Marcus Rashford
The first was a spectacular one-handed dive to stop a curling shot from Rashford from going into the top corner in the 20th. United goalie Sergio Romero also had to come up with a hard save, tipping a Pione Sisto shot over the crossbar in the 59th.

3 big questions remain about Michael Flynn after Sally Yates' testimony
Trump responded with an angry tweet , aimed at Yates, accusing her of leaking the details of Flynn's conversations. On May 9, Whitehouse blasted the White House for not immediately firing Flynn after Yates had warned them.

Democrats seek impeachment of President Trump
A move to impeach does not necessarily mean the president will be forced from office. Comey documented several interactions between him and Trump in memos.

Often fake emails and webpages have bad spelling, or just look unusual.

Many anti-virus tools including Microsoft's Windows Defender now recognize and block the ransomware. However, a second wave of the attack that many feared would be carried out with mutated versions of the malware did not happen.

How to keep yourself safe - Be careful of not clicking any malicious looking link.

Back up your important files. Have you paid the ransom?

Ironically, it is Kaspersky Labs that Interpol and Europol brought in for support, days after continuing speculation in the US grew as to whether Kaspersky has Russian intelligence ties.

Should you pay the ransom?

Hundreds of thousands of computers in more than 150 countries have been hit by anonymous hackers, affecting systems run by governments, companies and individuals. The expert warns that this attack is not over. First, you'll be contributing funds towards future crime. In other words, paying may not guarantee you can again access your files.

The WannaCry attack took over computer systems, caused them to freeze, and displayed the message, "Oops, your files have been encrypted!" Prof Alan Woodward of the University of Surrey doubts if someone would return your contact request, considering the amount of attention they are getting from all corners.

However, Microsoft President Brad Smith said in a blog post Sunday that the "stockpiling of vulnerabilities by governments" is a huge issue.

He added that governments should "report vulnerabilities" that they discover to software companies, "rather than stockpile, sell, or exploit them".

In a post on Microsoft's blog, Smith wrote: "An equivalent scenario with conventional weapons would be the U.S. military having some of its Tomahawk missiles stolen".

Other reports by GizPress

Discuss This Article