Parsing the tech and national security concerns behind the WannaCry ransomware attacks

For now, there's a great deal of finger pointing going on as the world attempts to figure out exactly who is responsible for the current virus outbreak.

Who's being targeted for blame? Last year, Cisco, with the help of Level 3 Threat Research and Limestone Networks, identified the largest Angler exploit kit operation in the USA, which targeted 90,000 victims every day and generated tens of millions of dollars a year by demanding ransoms off victims.

Then there's the US government, whose Windows hacking tools were leaked to the internet and got into the hands of cybercriminals.

So far only a few victims of the attack appeared to have paid, based on publicly available bitcoin accounts on the web, where victims have been instructed to pay.

"It is important to understand that the way these attacks work means that compromises of machines and networks that have already occurred may not yet have been detected, and that existing infections from the malware can spread within networks", said the U.K.'s National Cyber Security Centre in a statement Sunday. "Still, the NSA can't be very proud of this".

The ransomware, also called WannaCry or Wana Decryptor, works by exploiting a vulnerability in some older versions of Windows. So it makes sense to assign some responsibility to the NSA - the attackers didn't come up with this security hole on their own, after all. And they're blaming the USA government for stockpiling cyber weapons.

In a blog post aimed to address the "WannaCry" ransomware attack, Microsoft explained that the exploit originated from a list of attacks "hoarded" by the US National Security Agency.

That quick thinking may have saved governments and companies millions of dollars and slowed the outbreak before USA -based computers were more widely infected. But the reality is that some organisations are still using Windows XP and others have failed to apply the latest updates or patches to their machines.

"Even extended support doesn't necessarily provide you protection", Stewart added. Japanese broadcaster NTV reported 600 companies in that country had been hit, and automaker Nissan and the Hitachi conglomerate said they were addressing the problem at their units that were affected.

Now that this "WannaCry" malware is out there, the world's computer systems are vulnerable to a degree they haven't been before, unless people everywhere move quickly to install Microsoft's security patches. This helps limit the spread of ransomware if hackers do get into your system.

"Clearly having the vulnerability be in Microsoft software was one of the key elements", said Steve Grobman, chief technology officer of McAfee, a security company in Santa Clara, California. Some have also been machines involved in manufacturing or hospital functions, hard to patch without disrupting operations. No company - or hospital, or university, or individual - asks to be the victim of cybercrime, but there are also things companies can do to prevent the attacks from succeeding.

When Microsoft sells software it does so through a licensing agreement that states the company is not liable for any security breaches, said Michael Scott, a professor at Southwestern Law School. Backups often are also out of date and missing critical information.

Data needs to be backed up so that you can restore your files in the case of an attack.

Michael Mitchell, spokesman for Oreo cookie maker Mondelez International, said the company is not aware of any incidents from the attack, though it did alert employees. Once it infects one computer within a network, it can spread to all the computers in that network "within seconds", said Israel Levy, the CEO of the cybersecurity firm Bufferzone.

Latest News