Follow CERT-In instructions on WannaCry attack: RBI to banks

Image Nurlan Mammadzada  Shutterstock

The WannaCry worm has affected more than 200,000 Windows computers around the world since Friday, disrupting auto factories, global shipper FedEx and Britain's National Health Service, among others. Here at the store we recommend Avast for anti-virus and Malwarebites for malware. They'll then demand payment of around $400 to remove it.

In a blog post, Microsoft's president and chief legal officer, Brad Smith, likened the leak to a missile being stolen from the United States military: "An equivalent scenario with conventional weapons would be the USA military having some of its Tomahawk missiles stolen".

Instead of developing hacking tools in secret and holding them for use against adversaries, governments and intelligence agencies should share weaknesses they find with Microsoft and other software makers so that vulnerabilities can be repaired.

"Even though it's becoming harder and harder, the incentives have increased tremendously", said Mador, who previously worked on security response at Microsoft.

Smith said the effect on cyber security of keeping the vulnerabilities secret is tantamount to the physical theft of Tomahawk cruise missiles. "When a design flaw is discovered in a vehicle, manufacturers issue a recall". "Microsoft has a very strong position that is an absolute, whereas my position is a little bit more balanced", Grobman says. For the vulnerability that the WannaCry malware exploited, Microsoft released one such patch last March 14, 2017.

Microsoft agreed to help patch older systems, such as Windows XP, that the company had stopped supporting with security updates in an apparent bid to prompt customers to purchase newer Microsoft operating systems.

In 2014, Microsoft ended support for the highly popular Windows XP, released in 2001 and engineered beginning in the late 1990s, arguing that the software was out of date and wasn't built with modern security safeguards.

Many pieces of digital equipment - like the MRI scanners used by the United Kingdom's National Health Service, which run Windows XP - can not be upgraded as easily as a PC. Security patches would be available for clients with older machines, but only if they paid for custom support agreements.

For individuals, Goldstuck said: "You can not delay software updates to save data".

"The most important thing is to install all the updates that are sent to users, not just on operating systems but for all software being used".

"As software has become ever more complex, interdependent and interconnected, our reputation as a company has in turn become more vulnerable", Gates wrote in an email to employees identifying trustworthy computing as Microsoft's top priority.

"There is no major impact in India unlike other countries".

However, WannaCry didn't just affect the public sector.

Attacks by WannaCry, also called WannaCrypt, WCry, and Wanna Decryptor, were reported in China, Russia, Taiwan, France, and Japan, according to an Federal Bureau of Investigation notice sent Saturday. Once malicious software is in the wild, it is commonly reused by hacking groups, especially nation-states trying to leave the fingerprints of another country.

The lack of sophistication may bolster those cybersecurity researchers who say they have found evidence that could link North Korea to the attack.

Related News: