Microsoft Slams NSA Over Ransomware Nightmare

Microsoft Slams NSA Over Ransomware Nightmare

Microsoft Slams NSA Over Ransomware Nightmare

After the global cyberattacks on Friday that infected hundreds of thousands of computer with the WannaCry ransomware, the blame game has begun.

Tom Bossert, US President Donald Trump's homeland security adviser, said people "should be thinking about this as an attack that for right now we have under control, but as an attack that represents an extremely serious threat". That's why it's called ransomware.

Jonathan Sander, chief technology officer for STEALTHbits Technologies, called WannaCry "a Frankenstein's monster of vulnerabilities with patches and exploits that were stolen from the NSA and published for all to see". The exploit was leaked last month as part of a trove of US spy tools.

The tools were made public by a hacking group called the Shadow Brokers.

FedEx: The company said it was "experiencing interference with some of our Windows-based systems caused by malware" and was trying to fix the problems as quickly as possible. "People may have updated their security systems over the last hours", Europol said. Microsoft patched the flaw with its MS17-010 advisory on March 14, though that patch did not cover older systems that are no long supported.

A fifth of regional hospital associations in Britain's National Health Service were affected and several still had to cancel appointments on Monday, as doctors warned of delays as they can not access medical records.

The Wanna Decryptor - or WannaCry - virus sent the health service into meltdown on Friday, with hospitals in parts of the country forced to cancel treatments and appointments.

Also hit were Deutsche Bahn, the Russian Central Bank, Russian Railways, Russia's Interior Ministry, Megafon and Telefónica.

Patch your computers. They should have the latest software update.

"Ransomware developers and attackers tend to borrow, copy and steal techniques and software from each other", he said. "You need to constantly look out for emails that seem suspicious, and you need to err on the side of not downloading random files". "Anyone who applied the patch that Microsoft released likely wasn't affected by this", Reiher said. Another option is keep your particularly important data in a second location, such as on Google Drive or on an external hard drive.

First, install any software updates immediately and make it a regular habit.

Today both CERT NZ and InternetNZ released some practical advice which may help all internet users prevent an infection from WannaCry, and other future issues.

The hackers remain anonymous for now, but it appears that they are amateurs.

It is also keeping a close watch on the developments on the ransomware and is working in close coordination with all relevant agencies, it said.

The attack, known as "WannaCry" had a major impact across Asia as workers there returned to work on Monday, with Chinese state media saying nearly 30,000 institutions there had been infected.

"The way these attacks work means that compromises of machines and networks that have already occurred may not yet have been detected, and that existing infections from the malware can spread within networks", Britain's National Cyber Security Center said in a statement on Sunday.

Related news