Microsoft faulted over ransomware while shifting blame to NSA
Software updates often contain lots of patches that fix bugs and close security loopholes; regularly using Windows Update or the Software Update feature on a Mac will help insulate you from problems.
A NYC area email security provider, IT consultant and MSP presents simple steps that organizations can take to prevent successful ransomware attacks-in a new ransomware defense article on the eMazzanti Technologies website.
For all the worldwide chaos they have caused, the ransomware attack’s perpetrators have reportedly made little more than less than $70,000, according to Tom Bossert, assistant to the president for homeland security and counterterrorism. The government of India promptly hosted a webinar on the ransomware attack on May 15. It essentially relies on victims clicking on or downloading the attachment, which causes the program to run and infect your computer with ransomware.
Reports have it that sixteen National Health Service (NHS) organizations in the United Kingdom have been reportedly hit with some of the hospitals cancelling outpatient appointments.
Some are. The news site Quartz has set up a Twitter bot to track the bitcoin wallets linked to the attack, which are growing fatter by the minute. He also blasted the way government agencies have handled sensitive security disclosures. Many people, he said, run pirated versions of Microsoft operating systems because they feel they can not afford the real thing. The top security features must be added in all the versions of Windows.
“Clearly having the vulnerability be in Microsoft software was one of the key elements”, said Steve Grobman, chief technology officer of McAfee, a security company in Santa Clara, California. If you have a backup, there’s no need to pay ransom for your data. Power companies should have a backup system that can immediately take over the job and maintain the electricity supply to critical infrastructure services, in case of a security breach. We’ll get to some tips in a minute.
This time, though, Microsoft believes others should share responsibility for the attack, an assault that targeted flaws in the Windows operating system.
However, WannaCry didn’t just affect the public sector. If you prefer using Android, consider switching to one of Google’s proprietary handsets, such as the Pixel, which tend to receive Google’s software patches as soon as they’re released.
The attack revives the debate on the “problem of attribution” i.e. who should be held responsible for the bug’s outbreak, and therefore, the attack?
It’s unclear who the attackers are, but we do somewhat know about the origins of the ransomware.
The aggressive malware, dubbed WannaCrypt, utilized a previously reported vulnerability found within the Windows operating system produced by Microsoft. It leveraged an exploit – a tool created to take advantage of a security hole – leaked in a batch of hacking tools believed to belong to the NSA.
“Two months prior to the May 12 attack, Microsoft received a tip regarding the server vulnerability”.
But many users had not installed the patch by the time EternalBlue was dumped on the Internet in April.
“An equivalent scenario with conventional weapons would be the USA military having some of its Tomahawk missiles stolen”.
The precedent may impact other software sellers too.”They’re going to end up going above and beyond and some vendors are going to start extending support for out-of-support things that they haven’t done before”, said Mr Greg Young, an analyst at market research firm Gartner Inc. So, if people would have been careful to install the update, we would not have this situation.