Microsoft says WannaCry ransomware must be a wake-up call for governments

The hacking tool spreads silently between computers, shutting them down by encrypting data and then demanding a ransom of $300 to unlock them.

The National Computer Network Emergency Response Technical Team/Coordination Center of China (CNCERT/CC) had found 2.42 million IPs were suffering the attack and the number of infected IPs reached 35,000 as of 10:30 am on Sunday, Xinhua reported.

WannaCry developers have prepared a Q&A section in various languages, offering infected users localised instructions on how to recover data and how to pay the ransom.

In a posting on cybercrime on the bureau's website, FBI Cyber Division Assistant Director James Trainor said agreeing to pay only serves to perpetuate the activity. A survey by global cybersecurity firm Norton in India in November found 27 per cent Indians affected actually paid the ransom to regain access, but 26 per cent of those who paid the ransom still did not regain complete access.

"It'll pop up an error message that says, 'We didn't get your payment".

But some other technology industry executives said privately that it reflected a widely held view in Silicon Valley that the US government is too willing to jeopardize internet security in order to preserve offensive cyber capabilities. "Yet we, as the United States, have the largest threat surface of any nation in the world", said retired Admiral James Stavridis. So far this year, 11 Utah victims have been extorted of $15,000.

Wu said that is why universities, organizations and enterprises were especially vulnerable to the ransomware. It's based on a vulnerability developed by the National Security Agency that can be used against many versions of the Windows operating system.

Brickman said providers should follow guidance that the law enforcement agencies have provided since the attack, including deploying required patches and security signature updates and reinforcing safe email and internet browsing practices.

"The allegations by Microsoft that spy agencies are hoarding software vulnerabilities begs the question whether GCHQ were aware of the vulnerability in the NHS's systems and did nothing about it and whether, thanks to Theresa May and her policies, other public systems are exposed", he said.

In a statement earlier this week, Microsoft levelled the blame at the NSA for losing control of vulnerabilities it had uncovered but kept secret.

"I think this is the new normal", Antia told Business News Daily. "The one this morning had more than 2,500 participants, a lot of them from the healthcare community", she said.

"And then there are those who believe there are essential things that should not be given up in the name of security, even if that extends to inadvertently creating protections for the bad guys".

"This is an emerging pattern in 2017", Smith, who is also chief legal officer, says in a Microsoft company blog post. Rather, it discovered weaknesses in various versions of Windows and wrote programs that would allow American spies to penetrate computers running Microsoft's operating system, and it was one of these programs, codenamed ETERNALBLUE and repurposed by still-unidentified hackers, that allowed WannaCry to spread as quickly and uncontrollably as it did last week.

Smith also noted that a fundamental rethinking of tactics in addressing cybersecurity issues is in order. "We had issued advisory to all government office on Saturday".

"The tide is turning toward the necessity of having this conversation", he said. An investigation is on-going regarding how the codes got out.

Never open attachments received in emails, even if from trusted sources.

Latest News