Running Windows? How to protect against the big ransomware attack

Share

Hundreds of thousands of computers were affected by the first wave of the cyber-attack, but an analysis of three Bitcoin accounts linked to the ransomware demands suggests that the number of ransoms that have been paid so far only number in the hundreds, according to a BBC report.

Europol's European Cybercrime Centre said that anyone hit by ransomware should use the unlocking tools provided at NoMoreRansom.org, a free resource developed by Europol in partnership with the Dutch police and other industry partners. But the South Korean cinema chain CJ CGV Co. was restoring advertising servers at dozens of theaters after the attack left the company unable to display trailers of upcoming movies.

The attacks exploited the computers because they were running outdated versions of Microsoft's Windows operating system.

Paying ransom will not ensure any fix, said Eiichi Moriya, a cybersecurity expert and professor at Meiji University. "It's like after a robber enters your home".

For some, £230 ($300) might not seem too high a price to get back irreplaceable data that has been encrypted against your will. Activating the domain worked as a kill switch for the malware.

As for Europe, such malicious software spread last Friday and blocked computer equipment in many health centers in the United Kingdom, as well as in companies and organizations in Spain, France, Germany and Russian Federation, among other countries of the so-called old continent.

"We haven't fully dodged this bullet at all until we're patched against the vulnerability itself", Kalember said.

More news: Trump threatens to cancel briefings; Spicer back at podium

"That's what makes this more troubling than ransomware was a week ago", Thakur said.

"The governments of the world should treat this attack as a wake-up call", Smith said.

Microsoft's top lawyer is laying some of the blame at the feet of the USA government.

"This attack provides yet another example of why the stockpiling of vulnerabilities by governments is such a problem", he said.

"We have seen vulnerabilities stored by the CIA show up on WikiLeaks, and now this vulnerability stolen from the United States military intelligence organisation National Security Agency (NSA) has affected customers around the world", Smith wrote. And experts expect even more victims as the hackers generate new variants and more users sign into computers Monday morning.

"Right now, just about every IT department has been working all weekend rolling this out", said Dan Wire, spokesman at Fireeye Security.

Many people in fact believe someone at NSA must have tipped Microsoft that the files had been stolen, which is how it knew it needed to push out that particular patch, said Ryan Kalember of Proofpoint, a Sunnyvale, Calif. -based security firm whose researchers were instrumental in fighting the the WannaCry attack.

Share