Microsoft offers free security fixes following global cyberattack

0
49

The figure could climb as new infections were reported in Asia. It cited the Threat Intelligence Center of Qihoo 360, a Chinese internet security services company.

Alex Abdo, a staff attorney at the Knight First Amendment Institute at Columbia University, said Microsoft and other software companies have strategically settled lawsuits that could lead to court rulings weakening their licensing agreements. Instead, users are left with a button on the displayed ransom note that says “check payment”. Most stations had recovered. “Otherwise they’re literally fighting the problems of the present with tools from the past”, Smith said.

Humans aren’t the only ones who can carry out ransom demands. “Because they could have done something ages ago to get this problem fixed, and they didn’t do it”.

Broadcaster NTV reported 600 companies and 2,000 computers in Japan had been affected.

Microsoft and the government have said that a Microsoft patch would prevent the attack, but many computers lack that patch.

The ransomware (a malicious software that, after infecting a computer, gives the hacker the ability to block and control the PC from a remote location) has been identified as WannaCry. Then it takes over your computer and encrypts all your files.

The government is not legally bound to notify at-risk companies.

“An equivalent scenario with conventional weapons would be the USA military having some of its Tomahawk missiles stolen”, attorney Brad Smith wrote on Microsoft’s blog. Most of the leaked exploits are said to use zero-day vulnerabilities, previously unknown software exploits used by hackers before the software makers are aware of them.

Security experts also warn WannaCry might strike again through new, updated variants.

It said Sunday that a similar cyberattack could also recur, though it did not have “specific evidence” of this.

Once a computer is infected, other computers connected to the same network will be infected as well. In fact, fully updated systems were largely protected from WanaCrypt0r even before Friday, with many of those infected having chosen to delay installing the security updates. The fact that there was a “kill switch” in the ransomware, which a researcher was able to activate on Friday, stopping the attack at least temporarily, suggests the coders were sloppy.

According to Microsoft, the affected computers did not have security patches.

Some organizations disconnect computers as a precautionary measure.

Last Friday’s massive WannaCry ransomware attack means victims around the world are facing a tough question: Should they pay the ransom?

“It’s particularly concerning when you’re talking about widely-available software, when the impact on the people is going to be the public at large, not the handful of targets an agency might have”, Singh Guliani told CNNTech.

CERT-In today said it has not received any formal report of cyber attack on India’s vital networks by the crippling global ransomware, “WannaCry”.

Q: Should we expect other cyberattacks like this in the future? And Russia was apparently the hardest hit, with railways, banks and mobile operators knocked out, said BBC reporter Zoe Kleinman.

It is believed to be the biggest online extortion recorded. Train systems were hit in Germany and Russian Federation, and phone companies in Madrid and Moscow.

– How can people protect their computers?

As investigators were working to track down those responsible for the ransomware attack, Microsoft President and Chief Legal Officer Brad Smith said the governments should treat this attack as a “wake-up call”.

Weisman: At the moment we don’t know who is behind the attack.

He said it was too early to say who was behind the onslaught and what their motivation was, aside from the obvious demand for money. But there are obviously many, many computers out there and some people still, I feel, will not think that they need to patch their computer. Cybersecurity experts have said the majority of the attacks targeted Russia, Ukraine and Taiwan.

Microsoft fixed the flaw shortly before the stolen data was published, leading many to conclude it had been surreptitiously tipped-off by the security agency about the existence of the flaw.

Security experts tempered the alarm bells by saying that widespread attacks are tough to pull off.

Advertisement

The ransomware is spread by taking advantage of a Windows vulnerability that Microsoft released a security patch for in March.

Lucky break slows cyberattack; what's coming could be worse

SHARE

LEAVE A REPLY