A 'second wave' of ransomware could broaden global cyberattack

Massive ransomware cyberattacks reported worldwide

On Monday, the Ministry of Electronics and Information Technology (MeitY) streamed a webcast by the Indian Computer Emergency Response Team (CERT-in) that was meant to highlight the methods of hacking using ransomware and how it can be spotted and stopped. Use a reputable security software to prevent attacks in the future. It combined a known and highly unsafe security hole in Microsoft Windows, tardy users who didn't apply Microsoft's March software fix, and a software design that allowed the malware to spread quickly once inside university, business and government networks.

The only real security from ransomware is backups and solid security best practices. "They saw an opportunity and they took it". It has attacked hundreds of thousands of computers, security experts say, from hospital systems in the United Kingdom and a telecom company in Spain to universities and large companies in Asia.

Mr Wainwright said the attack was "unprecedented in its scale" and warned many more people could find themselves affected. It demands users pay Dollars 300 worth of cryptocurrency Bitcoin to retrieve their files, though it warns that the payment will be raised after a certain amount of time.

Experts were scrambling to determine who was behind the attack, which exploited a security flaw in older versions of Microsoft's Windows operating software.

Companies and institutions are often slow to update their computers because it can screw up internal software that is built to work with a certain version of Windows. So far, he said, not many people have paid the ransom demanded by the malware.

The ransomware can infect Windows computers that have not been updated to remove a vulnerability that it exploits.

When the leaks occurred, Microsoft patched the vulnerability, but the events that kicked off on Friday demonstrated that many, many systems weren't up to date. Instead of having to develop their own arsenals of cyberweapons, they simply had to repurpose work done by the highly skilled cyber experts at the NSA, said Phillip Hallam-Baker, principal scientist at the cybersecurity firm Comodo.

Darien Huss, a 28-year-old research engineer who helped MalwareTech, agreed the threat was far from over. That cheap move redirected the attacks to MalwareTech's server, which operates as a "sinkhole" to keep malware from escaping. The ransomware virus is such lethal and smart that it also drops a file named '!Please Read Me!.txt' which contains the text explaining what has happened to the computer and how to pay the ransom.

The Windows vulnerability in question was purportedly identified by the NSA for its own intelligence-gathering purposes.

The NSA and other spy agencies look for software vulnerabilities and then build tools to target and exploit them. But some experts have argued this attack could have been vastly mitigated if the NSA told Microsoft sooner.

Smith says there's a real risk that criminals will steal them. "But there's clearly some culpability on the part of the U.S. intelligence services". "Because they could have done something ages ago to get this problem fixed, and they didn't do it".

The figure of 2 lakh infected computers was derived till late Sunday evening, but as offices open on Monday, as people switch on their PCs, the actual magnitude and extent would be understood.

Related News: