NSA 'considered telling Microsoft about hacking codes'

The aggressive malware, dubbed WannaCrypt, utilized a previously reported vulnerability found within the Windows operating system produced by Microsoft. To be extra safe from hackers, after backing up your data onto an external drive, unplug the drive from the computer and put it away.

Head computer technician Harold Neiper at Coast Computers in Biloxi tells News 25 Microsoft had already produced an update for Windows to avoid getting caught with Ransomware. It was a masterclass in pursuing Microsoft's interests while invoking a noble mission.

EternalBlue has been used by the NSA for more than five years.

To the editor: If Microsoft were a auto company and released a defective product, there would be mandatory recalls of almost 20-year-old systems and millions of dollars in fines.

Microsoft's clear advantage is that it was prepared: it had made a patch for the WannaCry vulnerability in March and rolled it out to millions of computers.

However, it seems that those with Windows XP are most largely hit by the ransomware.

To a large degree, it worked.

A lot of healthcare systems are running older versions of Windows, such as Windows XP, says Avi Rubin, who is director of the Health and Medical Security Lab at Johns Hopkins University. Once malicious software is in the wild, it is commonly reused by hacking groups, especially nation-states trying to leave the fingerprints of another country.

"Whether or not you think the USA government should be spending a fortune developing such cyberweapons, surely it is obvious that the weapons they develop should be properly secured". There is always the temptation to let things remain as they are. But in this case, according to Kaspersky Lab, the shared code was removed from the versions of WannaCry that are now circulating, which reduces the likelihood of such an attempt at misdirection.

Kim calls WannaCry the world's first ransomworm-ransomware with the ability to self-propagate without user intervention or interaction.

It may be arduous to stick with old versions of software, but it is much more painful when machines stop working. The higher risk of being encrypted lies at those Microsoft computers that are not patched with the update. The precedent may affect other software sellers too.

Although the US appears to have dodged a bullet, at least for now, going forward Riggi asserts that overall the healthcare industry is particularly vulnerable to ransomware and is a high-priority target for cybercriminals because of the high value of health data.

Governments often demand that "back doors" should be inserted in software to allow them to read, for example, terrorist communications.

NSA does not discuss its capabilities, and some computer experts say the MS17-010 exploit was developed by unknown parties using the name Equation Group (which may also be linked to NSA).

In practice, the NSA is poor at keeping secrets. How did it spread so fast? The NSA, on the other hand, should feel nothing but shame.

It is a one-sided contest.

The China Banking Regulatory Commission (CBRC) said in an emailed statement it has not received any major infection reports from the country's banks on the cyber attack. As James Andrew Lewis of the Center for Strategic and International Studies says drily, that would be "very hard to negotiate".

Latest News