NSA Told Microsoft of Flaw Before Ransomware Attack
- Author: Zachary Reyes May 23, 2017,
May 23, 2017, 12:58
WannaCry is known to have attacked hospitals, railways systems, telecommunication networks, and courier services across countries globally.
"T$3 his attack provides yet another example of why the stockpiling of vulnerabilities by governments is such a problem". Brad Smith, Microsoft's top lawyer, criticized USA intelligence agencies for "stockpiling" software code that can be used by hackers.
Apple does have one advantage over Microsoft when it comes to issues like malware: it builds both its own software and hardware. "An equivalent scenario with conventional weapons would be the US military having some of its Tomahawk missiles stolen". However, he said it's only a matter of time before a malevolent version exists.
"We don't expect this to be a sophisticated group", said Wellsmore. "We haven't fully dodged this bullet at all until we're patched against the vulnerability itself".
An attack such as this has always been feared: its specific target was the critical information infrastructure where deployment of legacy network systems has always been a bane of cyber security and one that constitutes the backbone of the internet age today.
"That's what makes this more troubling than ransomware was a week ago", Thakur said.
The fast-spreading cyber extortion campaign eased for second day on Tuesday, but the identity and motive of its creators remain unknown. In-fact, popular companies like FedEx, LATAM Airlines and government agencies like Britain's National Health Service were also hit by the ransomware attack. If the affected users would have updated their windows then they would not have fallen prey to the ransomware.
So what can people do to prepare themselves for malware attacks of the future?And since Windows is far more popular in the world than Apple's OS X and macOS, hackers go after Microsoft's operating system.
"It's this constant battle", said Ryan O'Leary, vice president of WhiteHat Security's threat research center. "The attack is not focused on any particular industry but is widely spread, especially across those organisations, which are online and connected", Quick Heal Technologies' managing director Sanjay Katkar said. The official was not authorized to discuss the private meetings by name and requested anonymity.
When you try to open a file, a message appears, demanding a ransom. Experts have suggested that when a user's computer is infected by a ransomware, they should first of all, disconnect their computer from the web network so that other machines connected to it are not affected.
"Right now, just about every IT department has been working all weekend rolling this out", said Dan Wire, spokesman at Fireeye Security.
According to Microsoft's blog, older versions of Windows that are no longer supported by Microsoft were vulnerable, which includes Windows 8 and Windows XP, which the majority of NHS Trusts were running.
Installing the patch is one way to secure computers against the virus.
See, contrary to popular belief, Apple's desktops and laptops aren't inherently safer than those running Microsoft's (MSFT) Windows operating systems.
Companies like Microsoft and Apple continually work to find these vulnerabilities before criminals can exploit them. The patch lists can be ginormous. "But there are so many things to patch. It can be tough to tell which patch is important, until it is too late".