Everything We Know About Last Week's Global Ransomware Cyberattack
Cyber-security officials were busy last weekend scrambling to catch the hacker behind a massive cyber-attack that impacted dozens of countries.
More than 200,000 computers at companies, hospitals and government agencies were impacted by the ransomware worm and it is being regarded as the biggest attack of its kind.
“The malicious software behind the onslaught appeared to exploit a vulnerability in Microsoft Windows that was supposedly identified by the National Security Agency for its own intelligence-gathering purposes and was later leaked to the internet,” writes Newsmax.
“Britain’s national health service fell victim, its hospitals forced to close wards and emergency rooms and turn away patients. Russia appeared to be the hardest hit, according to security experts, with the country’s Interior Ministry confirming it was struck.”
Microsoft’s President Brad Smith addressed the cyber-attack in a blog post Sunday.
“This is an emerging pattern in 2017. We have seen vulnerabilities stored by the CIA show up on WikiLeaks, and now this vulnerability stolen from the NSA has affected customers around the world,” wrote Smith. “This attack provides yet another example of why the stockpiling of vulnerabilities by governments is such a problem.”
Smith places blame on the government for not seeking the appropriate help when flaws in a cyber system is dictated in an attempt to protect their top-secret espionage activities.
He urges that governments globally should “treat this attack as a wake-up call” and “consider the damage to civilians that comes from hoarding these vulnerabilities and the use of these exploits.”
“For so many organizations in the same day to be hit, this is unprecedented,” said Chris Wysopal of the software security firm Veracode. He also said the attack was likely from a criminal organization.
The first reported attack was in Britain last Friday and it quickly spread across the world.
“Ransomware attacks happen every day — but what makes this different is the size and boldness of the attack,” said Robert Pritchard, a cybersecurity expert at the research organization Royal United Services Institute in London. “Despite people’s best efforts, this vulnerability still exists, and people will look to exploit it.”
The “ransomware,” known as WannaCry, locks up the user’s data and then issues a warning message demanding payment to unlock it. The ransoms started at $300 and increased to $400 after 2 hours and then to $500 and then to $600.
“There’s no guarantee of service even if they do pay,” said Becky Pinkard, vice president for service delivery and intelligence operations at the cybersecurity firm Digital Shadows. “No one on Twitter is going to care about your complaint on this one.”
“The original attack lost momentum late on Friday after a security researcher took control of a server connected to the outbreak, which crippled a feature that caused the malware to rapidly spread across infected networks,” writes Reuters. “Infected computers appear to largely be out-of-date devices that organizations deemed not worth the price of upgrading or, in some cases, machines involved in manufacturing or hospital functions that proved too difficult to patch without possibly disrupting crucial operations, security experts said.”
Ironically, Microsoft is partially to blame.
“Shortly after that disclosure, Microsoft announced that it had already issued software “patches” for those holes. But many companies and individuals haven’t installed the fixes yet or are using older versions of Windows that Microsoft no longer supports and didn’t fix,” writes Newsmax. “By Kaspersky Lab’s count, the malware struck at least 74 countries. In addition to Russia, the biggest targets appeared to be Ukraine and India, nations where it is common to find older, unpatched versions of Windows in use, according to the security firm.”
The hackers cruelly attacked hospitals where doctors were forced to halt treatment for patients.
“Both staff and patients were frankly pretty appalled that somebody, whoever they are, for commercial gain or otherwise, would attack a health care organization,” said Tom Griffiths, a patient at a hospital for chemotherapy. “It’s stressful enough for someone going through recovery or treatment for cancer.”
Cyber agencies across the world are still trying to clean-up the attack. It was recently reported that the Ransomware hit the first time at U.S. hospitals Wednesday and there have been fewer than 10 victims in the U.S.
President Donald Trump called for an “emergency meeting” late last week to prep for the impending cyber-attack.
It looks like this could be the start of the attack on the U.S.
Author’s note: Microsoft is ironically pointing the blame at governments, but since this was due to a problem with the company’s operating system, perhaps they should pay for the repairs. But, cyber security needs to be more of a priority by the government.
Editor’s note: I still believe Microsoft bears the brunt of the responsibility for putting out software with security flaws.
Microsoft should also bear some blame for failing to patch older versions of Windows, especially as they continue to roll out newer versions and deem systems running legacy versions of Windows as “no longer supported”. We, the end users, paid dearly to get these legacy versions of Windows when they were new and usually have lots of data and information on our systems that make it difficult to upgrade. This is doubly compounded by the fact that each new version of Windows requires more of everything from the hardware it runs on. Upgrading older computers can be a challenge as stocks of compatible memory are depleted. I personally have four computers that run Windows 98SE, Windows XP (2 ea.) and Windows Vista. To upgrade the Windows 98SE computer is impossible. Parts are no longer available and even if they were, this system is not capable of running Windows 10, or even Windows 8. The other three would cost me more than I can afford, and migrating the data would be a very large task. Fortunately, I only use two of these systems, and the older one only sparingly. I really need to find a new PC to replace both of them, but being on a fixed income pretty much prevents that. I have patched all of these systems as far as Microsoft has allowed, so I’m pretty much stuck. If I get hit with one of these attacks, I do have the means to rebuild and restore both of the systems that I am using, so the attackers won’t get any money from me.
Phil in TX
Im thinking that microsoft takes the blame for putting out crappy software to begin with. They failed to spend the time and money it takes to make their software secure.