WannaCry Ransomware: Microsoft Calls Out NSA For 'Stockpiling' Vulnerabilities


Security researchers said they observed some victims paying via the digital currency bitcoin, though they did not know what percent had given in to the extortionists. "Because they could have done something ages ago to get this problem fixed, and they didn't do it". In the WannaCry attack it is reported that many surgeries had to be put off, x-rays cancelled and ambulances called back.

But the kill switch couldn't help those already infected.

While that quick thinking may have slowed the outbreak, MalwareTech said he was now looking into a possible second wave of attacks. By going online, they will open more avenues to spread the malicious software. The central bank reportedly said those monitoring the cyberattacks found "no incidents compromising data resources of banking institutions".

The effects were felt across the globe, with Britain's National Health Service, Russia's Interior Ministry and companies including Spain's Telefonica, FedEx Corp.in the US and French carmaker Renault all reporting disruptions.

Elsewhere in Asia, officials in Japan and South Korea said they believed security updates had helped ward off the worst of the impact.

In a blog post on Sunday, Microsoft President Brad Smith appeared to tacitly acknowledge what researchers had already widely concluded: the attack made use of a hacking tool built by the U.S. National Security Agency and leaked online.

They proposed a plan to improve cyber security that included a replacement of outdated systems "as a matter of urgency", calling its continued use "one of the most pressing issues facing IT infrastructure" in the NHS.

Industrial conglomerate Hitachi Ltd. said the attack had affected its systems at some point over the weekend, leaving them unable to receive and send e-mails or open attachments in some cases.

The feature will be available with the Windows 10 Fall Creators Update that will also unveil a major design overhaul for ageing Windows 10 platform.

"If a system supports some kind of critical processes those systems typically are very hard to patch".

Wainwright said the agency is analyzing the virus and has yet to identify who is responsible for the attack.

More news: Trump Defends Sharing 'Facts' About 'Terrorism And Airline Flight Safety' With Russia

But security minister Ben Wallace said the Government had put £1.2 billion into combating cyber attacks during the last strategic defence and security review, including a £50 million pot to support NHS IT networks.

Companies like the American courier service FedEx and the French automaker Renault have also been hit.

Authorities in Britain have been braced for possible cyberattacks in the run-up to the vote, as happened during last year's U.S. election and on the eve of this month's presidential vote in France. The company said the virus has been localized and "technical work is underway to destroy it and update the antivirus protection". Deutsche Bahn said it deployed extra staff to busy stations to provide customer information and recommended that passengers check its website or app for information on their connections.

In India, the government said it had only received a few reports of attacks on systems and urged those hit not to pay attackers any ransom.

"Seeing a large telco like Telefonica get hit is going to get everybody anxious".

The government is not legally bound to notify at-risk companies.

The news is also likely to embolden cyber extortionists when selecting targets, Chris Camacho, chief strategy officer with cyber intelligence firm Flashpoint, said.

So criminals turned to targeted attacks instead to stay below the radar.

In Spain, some big firms took pre-emptive steps to thwart ransomware attacks following a warning from Spain's National Cryptology Centre of "a massive ransomware attack".

In a letter to the Times, Sir David Omand, former head of Britain's electronic intelligence agency GCHQ, called into question Microsoft's decision to withdraw its security services for the system in 2014 while private and public sectors around the world still relied on it.