WannaCry Ransomware: Microsoft Calls Out NSA For 'Stockpiling' Vulnerabilities

Share

In addition to Microsoft's Security Bulletin MS17-010 that patched the vulnerability in March, the company also issued a separate patch on Friday for users of older and unsupported operating systems such as Windows XP.

Governments and computer experts girded Monday for a possible worsening of the global cyberattack that has hit more than 150 countries, as Microsoft warned against stockpiling vulnerabilities like the one at the heart of the crisis.

There are apprehensions that a second wave of the attack may arrive Monday as employees return and switch on affected computers.

Are you affected by the global cyberattack?

Japan's Chief Cabinet Secretary Yoshihide Suga said there weren't any concerns about damage in the country.

A spokesman for Barts Health NHS Trust in London said it was experiencing "major IT disruption" and delays at all four of its hospitals.

There are several factors in play.

A security expert in England has been hailed as an "accidental hero" for quashing the spread of the initial version of the ransomware late Friday.

"We will get a decryption tool eventually, but for the moment, it's still a live threat and we're still in disaster recovery mode", Europol director Rob Wainwright told CNN's Becky Anderson on Sunday, adding that the number of cases was still rising. He said it was too early to say who was behind the onslaught and what their motivation was, aside from the obvious demand for money.

Dickson said the malware itself, which exploits a flaw in Windows, was not new but that adding the ransomware "payload" made it especially risky.

Qihoo 360, one of China's leading suppliers of anti-virus software, had said Sunday that at least 29,372 institutions ranging from government offices to ATMs and hospitals had been "infected", singling out universities as particularly hard-hit.

In the world of ransomware, that was "unheard of six months ago", Levy said. And while other attackers might use the same flaw, such attacks will be steadily less successful as organizations patch it.

"Technology companies owe their customers a reliable process for patching security vulnerabilities", he said.

According to Matthew Hickey, founder of the security firm Hacker House, the attack is not surprising, and it shows many organizations do not apply updates in a timely fashion.

Smith said Microsoft has the "first responsibility" to address the problem.

"There are other criminals who've launched this attack, and they are ultimately responsible for this", he said. Use a reputable security software to prevent attacks in the future.

Germany's Deutsche Bahn computers were also impacted, with the company reporting on Saturday morning that display panels in the stations were affected. But Villasenor said there is "no ideal solution" to the problem.

Russian Central Bank: State media agency Tass reported the bank discovered malware bulk emails to banks but detected no compromise of resources.

"You can point a lot of fingers, but I think given that this was not a zero-day vulnerability (for which no patch is available), the people hacked are to blame", said Robert Cattanach, a partner at the worldwide law firm Dorsey & Whitney and an expert on cybersecurity and data breaches.

He said the same thing could be done to crucial infrastructure, like nuclear power plants, dams or railway systems.

Smith also called cyberattack protection a "shared responsibility" between companies and customers. He said the situation was under control. Computers already affected will not be helped by the solution.

If you wonder about the scope of this last attack and why it might be one of the worst ever occurred, here's the example of Britain's National Health Service to name but one, where there were people who even lost important chirurgical interventions. "At this stage, we do not have any evidence that patient data has been accessed".

Jakub Kroustek of the security firm Avast said in a blog post update around 2000 GMT, "We are now seeing more than 75,000 detections... in 99 countries". The NHS has said hospitals have had to cancel some outpatient appointments because of the attack.

Share