NSA Told Microsoft of Flaw Before Ransomware Attack

Angelica Greene
May 20, 2017

Ransomware WannaCry last week ripped through hundreds of thousands of PCs in what is considered the largest ever cyber-extortion scheme. It involves blocking someone's personal data on a computer and threatening to destroy or expose it if the person does not pay a ransom.

With more than 300,000 computers worldwide compromised by the WannaCry ransomware in at least 150 countries, including the National Health Service in the United Kingdom, Monday was expected to be a day of reckoning for US healthcare organizations facing the file-encrypting malware. Here are some tips from security experts.

A new report by CNet shares Microsoft's anger over government secrecy surrounding bugs, a practice the tech company directly blames for the recent wave of attacks. That's when the NSA told Microsoft about the vulnerability, and the company issued a security update to fix the flaw.

"The size of the outbreak is indicative of the number of machines out there which have not been patched with security updates". Getting people to understand how is still a serious challenge. "Microsoft issued an emergency patch over the weekend addressing this situation for those people".

WannaCry is custom built for windows only. It spread to so many computers so rapidly by using an exploit - software capable of burrowing unseen into Windows computer operating systems. "Those were extremely vulnerable because they had their systems running for a long time without updates", he says. The virus has also impacted computers running Windows Vista and Windows 7 whose owners had blocked the security updates.

How do you spot a fishy email? People can also detect a suspicious e-mail by checking the spelling and grammatical errors in it.

Former West Allis law enforcement officer charged with shooting Amtrak conductor
Klein allegedly pulled out a handgun and reached out of the window of the train and shot the conductor, who was on the platform. After Klein fired, other passengers and train personnel restrained him until police arrived, prosecutors said.

TrueNorth Inc. Sells 2120 Shares of Exxon Mobil Co. (XOM)
Bridgeway Cap owns 0.01% invested in MULTI UNITS LUXEMBOURG LYXOR US$ 10Y INFLATION BREAKEVEN (LON:INFU) for 431,078 shares. Pennsylvania-based Tfs Capital Ltd Liability has invested 0.04% in Gladstone Investment Corporation (NASDAQ:GAIN).

Mohammed Shami recalled for India Champions Trophy campaign
Shami is hopeful that the quartet of him, Bhuvneshwar Kumar , Umesh Yadav and Jasprit Bumrah should be able to perform as a unit. India will defend their title in the ICC Champions Trophy 2017 which will once again take place in England.

In addition, ransomware developers often use pop-up windows that advertise software products that remove malware.

To securely plug the loopholes from being exploited by hackers and evolving into a large-scale networking disaster, it is utterly essential for the technology sector and software customers, including governments and corporate uses, to join forces to prevent this from happening. That way, if a hacker locked down your computer, you could simply erase all the data from the machine and restore it from the backup.

For larger businesses with hundreds or thousands of employees, applying security updates organizationwide can be hard. Download the latest security and anti-malware software right here on FileHippo - all for free. Businesses should determine the best time to apply these security updates to office computers without interrupting productivity, he added.

In any case, the attack has been identified by the cybersecurity firm Proofpoint. However, sometimes, you can not avoid being infected. "We have seen earlier that black hats would mainly attack and deface Indian websites but now the objective is mainly money". If there are none, don't lose hope: There may be new security tools to unlock your files in the future.

Are victims paying the ransom?

They advised those whose networks have been effectively shut down by the ransomware attack not to make the payment demanded - the equivalent of $300, paid in the digital currency bitcoin, delivered to a likely untraceable destination that consists merely of a lengthy string of letters and numbers.

Other reports by GizPress

Discuss This Article

FOLLOW OUR NEWSPAPER