Microsoft was hoarding patches for WannaCry exploit
- Author: Zachary Reyes May 17, 2017,
May 17, 2017, 22:25
All banks in the country have been ordered to keep their ATMs closed until the machines are protected from the WannaCry ransomware. However, in case of any compromise or attack, RISA advises that the affected computer/PC must be removed from the network and the incident must also be reported to Rwanda Computer Security Incident Response team with immediate effect. The average ransom demanded in 2016 rose from $294 to $1,077 dollars.1 Most ransomware is generally spread when a user clicks on a malicious attachment in an e-mail or on a hyperlink.
The Reserve Bank of India (RBI) also asked all banks to put in place a software update at ATMs to prevent their systems from a malware that has attacked payment systems across the world. ATM operators, however, say that there is no threat to customer data or money.
Furthermore, the latest ransomware attack - believed to have come from a flaw in Microsoft's Windows software that the the US National Security Agency used to build a hacking tool for its own use - highlights the need for health services to introduce a comprehensive back-up plan and recovery processes in the event of a cyber-security breach.
The NHS alone continues to run 70,000 devices using Windows XP, leaving an open goal for hackers to propagate their Wanna Decryptor ransomware across the hospital network. However, the immediate preventive measure before any more ransomware attacks emerge is upgrade all Windows systems, said the security firm.
Sadly, there isn't a simple formula for businesses to follow in regards to ransomware.
The Department of Homeland Security began an "aggressive awareness campaign" to alert industry partners to the importance of installing the Microsoft patch shortly after it was released in March, an agency official working on the attack said. To supplement such training, we have developed a document to help personnel internalize good security practices, both at work and at home: An Individual's Information Security Checklist.
"Repeatedly, exploits in the hands of governments have leaked into the public domain and caused widespread damage", Smith wrote in a blog post.