'WannaCry' ransomware attack: What we know

Share

The hackers behind the global cyberattack are still unidentified. The ransomware exploits a vulnerability in Microsoft Windows XP, which the company had stopped actively supporting in 2014. Meanwhile, as Microsoft argued, the government's practice of stockpiling exploits and keeping them secret makes it all the more risky when they're leaked. Therefore, somebody, presumably the NSA, went and told Microsoft for inclusion in the February patch.

Still, "My answer is, never pay the ransom", Abrams said. We have already installed the necessary security patches as far as the key networks are concerned. "Still, the NSA can't be very proud of this".

Deutsche Bahn: The German railway company told CNNMoney that due to the attack "passenger information displays in some stations were inoperative" as were "some ticket machines".

The hack used a technique purportedly stolen from the U.S. National Security Agency to target Microsoft's market-leading Windows operating system.

At the same time, Weber noted that the attack could prompt more people to shun digital technology and turn back to analogue systems that can't be hacked. The company has more than 3,500 engineers who are working comprehensively to address cybersecurity threats.

Almost 65% of software in Russian Federation is pirated, compared to 17% in the US and 29% in the European Union, according to statistics compiled by industry group The Software Alliance.

"This attack provides yet another example of why the stockpiling of vulnerabilities by governments is such a problem", Microsoft President and Chief Legal Officer Brad Smith said in a blog post on Sunday, comparing the recent leaks of NSA and Central Intelligence Agency hacking tools to, in the real world, the theft of cruise missiles. Given the potential impact to customers and their businesses, we have also released updates for Windows XP, Windows 8, and Windows Server 2003. Finally, if you do not have one already, this would be a good time to develop a cybersecurity incident response plan. Still, he said Microsoft should accept some responsibility.

Still, it was Microsoft that wrote the exploitable software to begin with.

More news: Eurovision winner arrives home to Portugal

"The attack targeted machines that use older software (Windows XP, Windows 2003, Windows 8) and USA companies tend to adopt modern systems on a more regular basis", said Kevin O'Brien, chief executive officer of GreatHorn, a Boston-based security company.

The malware locked computers and blocked access to patient files in England's public hospitals.

Microsoft laid partial blame for these attacks at the feet of government agencies that they claim are engaged in a "stockpiling of vulnerabilities" as weapons and called for new policies that put the security needs of consumers first. "I am anxious about how the numbers will continue to grow when people go to work and turn [on] their machines on Monday morning".

This includes whitelisting certain websites and software so only approved programs can run on a computer, or disabling administrative privileges on a company's machines so that only the IT department can download programs. UPDATE: We are now indeed seeing second-hand reports of files left encrypted despite ransoms being paid.

"It's not rocket science", Litan said.

He added that the Cyber Swachhta Kendra - government's portal on information about cyber security - is being updated on regular basis since Saturday. Microsoft had recently issued a patch to fix the flaw, but many computers had not been updated.

India is on high alert, monitoring critical networks across sectors like banking, telecom, power and aviation to ensure that systems are protected against the attack that has claimed victims in more than 150 countries over the weekend.

Share