The cyberextortion attack hitting dozens of countries spread quickly and widely thanks to an unusual confluence of factors: a known and highly risky security hole in Microsoft Windows, tardy users who didn’t apply Microsoft’s March software fix, and a software design that allowed the malware to spread quickly once inside university, business and government networks. Numerous British hospitals victimized in the attack were running XP. The frequency and scale of attacks also gives us a measure of how effectively companies and countries are prepared for cybersecurity attacks of any kind.
The WannaCry ransomware seemed to be built to exploit computer spying tools originally designed by the U.S. National Security Agency, researchers said. The ransomware was created to repeatedly contact an unregistered domain in its code.
Nachreiner also recommended organizations invest in advanced malware protection, and build up a multi-layered defense to cyber attacks.
“Thus by registering it we inadvertently stopped any subsequent infections”, he told CNNTech.
Further, while the WannaCry ransomware attack targeted PCs with Microsoft software, one researcher said Apple (AAPL) could also be hit with similar attacks.
Europol said Saturday that the attack was of an “unprecedented level and requires worldwide investigation”.
U.S. Treasury Secretary Steven Mnuchin, at a meeting of world leaders in Italy, said the attack was a reminder of the importance of cybersecurity.
Phillip Misner, Principal Security Group Manager Microsoft Security Response Center explains, “This decision was made based on an assessment of this situation, with the principle of protecting our customer ecosystem overall, firmly in mind”. They say that the principal motive of these ransomware was only to lock important information in networks and stop customer access to them. That may be mission critical for the agency, but it doesn’t mean the NSA should use those vulnerabilities without regards for any other consequences. There’s Microsoft, whose ubiquitous Windows operating systems were compromised after attackers exploited a security hole. The malware spread through computers that weren’t updated. While the Windows XP operating system (OS) is no longer supported by Microsoft, the vendors providing the ATM software that runs on the XP OS, are providing their solutions for managing overall vulnerability of ATMs. That program spread much more quickly than expected, soon choking and crashing machines across the internet. When public XP support ended in 2014, the government said it expected the majority of its machines to be upgraded within a year.
This article first appeared on MyBroadband and is republished with permission.
“So there’s a good chance they are going to do it… maybe not this weekend, but quite likely on Monday morning”.
WannaCry has already caused massive disruption around the globe.
As CBS News’ Jonathan Vigliotti reported, the virtual attack sent the United Kingdom’s National Health Care Service into emergency mode.