What is WannaCry? Here's how the ransomware software hijacks your computer
- Author: Arturo Norris May 21, 2017,
May 21, 2017, 13:02
Because numerous computers impacted run older Windows systems like XP, Microsoft issued a rare patch for XP, which it had stopped updating more than three years ago.
Microsoft itself is unlikely to face legal trouble over the flaw in Windows being exploited by WannaCry, according to legal experts. Still, he said, "Microsoft needs to admit that the 20th century is over, it's a much more hostile environment, and that hobbling the NSA won't make us any safer".
"It seems that a lot of internet security guys over the weekend did their homework and ran the security software updates". With this attack, Abrams recommends trying to recover the "shadow volume" copies some versions of Windows have.
The ransomware mixes copycat software loaded with amateur coding mistakes and recently leaked spy tools widely believed to have been stolen from the U.S. National Security Agency, creating a vastly potent class of crimeware.
Meanwhile, new versions of the ransomware have reportedly surfaced, including one without the kill switch exploited by a 22-year-old computer security researcher to shut the attack down. The company is crunching data to arrive at a firmer estimate it aims to release later Thursday. Spain's communications giant Telefonica, utility provider Gas Natural and power firm Iberdrola were hit, as well as the Russian Interior Ministry and FedEx operations in the United States. The result: "Users unlikely to get files restored", the company's Security Response team tweeted.
Professor Clark said more information on protecting your computer was available via the IT security company Sophos and the National Cyber Security Centre, among other sources.
In the wake of the WannaCry ransomware attack, two cybersecurity experts suggest that if hospitals are not already using techniques such as multifactor authentication and public key infrastructure certificates, they need to head in that direction.
Less than 300 payments worth around $83,000 had been paid into WannaCry blackmail accounts by Thursday (1800 GMT), six days after the attack began and one day before the ransomware threatens to start locking up victim computers forever. "But also as an attack that represents an extremely serious threat ... this criminal threat has turned into something that has affected hospitals in the United Kingdom and elsewhere, [and] something that might morph into a more hard threatening matter". These machines are no longer supported by Microsoft and should be upgraded, replaced or at least patched with the one-time security update just issued by Microsoft.
WannaCry landed nine weeks after Microsoft's patch arrived.