How did the attack spread worldwide?
Meanwhile health authorities are racing to upgrade security software amid fears hackers could exploit the same vulnerability with a new virus. Under current laws, they don’t have to report the flaws to the company at risk.
And by “important”, they’re talking about your most commonly used files – including.mp3 audios and.mp4 and.avi videos;.png and.jpg images; and.doc and.txt documents.
The malware is both powerful and insidious, computer security expert Craig Williams of CISCO Talos tells Aarti: “You could just walk up to your computer and it’s infected, even if you didn’t even touch it”. Questions are now being asked over the use of old computer systems and the failure of some health boards to implement a vital security update issued by Microsoft in March.
Microsoft criticized the United States government for not informing it of the vulnerability.
“They said, ‘I’m really sorry, but the computer system is down”.
“We have seen vulnerabilities stored by the Central Intelligence Agency show up on WikiLeaks, and now this vulnerability stolen from the NSA has affected customers around the world”, he wrote.
Businesses, government agencies and other organizations were urged to quickly implement a patch released by Microsoft Corp. Lieu said the current disclosure process is not transparent, and often misunderstood. Instead – if you’re able to – download and install Microsoft patch MS17-010, available here, which should work on Windows systems going all the way back to Vista.
Some privacy advocates say that if the NSA had disclosed the vulnerability when it was first discovered, the outbreak may have been prevented.
However, our research shows relatively small sums are being spent on cyber security since 2012, ranging from NHS Lothian’s £445,000 to £125,000 by the Scottish Ambulance Service. If you haven’t done this yet, update your systems now.
Infected computers appear to largely be out-of-date devices that organizations deemed not worth the price of upgrading or, in some cases, machines involved in manufacturing or hospital functions that proved too hard to patch without possibly disrupting crucial operations, security experts said. “No matter how this was disclosed or when it was disclosed, some percentage of businesses would not have applied”.
England’s NHS says at least 16 of its organizations were hit by the ransomware.
Signs outside the unit warned patients not to book in unless they had “a very serious illness or injury”.
In the UK Saturday night, goverment officials said computer systems were nearly completely up and running again, Vigliotti reported. Those facilities are not unique.
How can users protect their computers?
It was unclear Sunday whether Microsoft was delivering the new Windows XP, Windows 8 and Windows Server 2003 patches via the standard Windows Update maintenance service, or if users were required to manually download the appropriate fixes from the Update Catalog.
We do know that in this latest case, the ransomware has exploited a loophole in the Microsoft Windows operating system. When details of the bug were leaked, many security researchers predicted it would lead to the creation of self-starting ransomware worms. While this particular ransomware was inadvertently stopped, hackers could modify the code and try again. The main challenge for investigators was the fast-spreading capabilities of the malware, he said, adding that so far not many people have paid the ransoms that the virus demands.
The attack is unique, according to Europol, because it combines ransomware with a worm function, meaning once one machine is infected, the entire internal network is scanned and other vulnerable machines are infected. “(There have been) remarkably few payments so far that we’ve noticed as we are tracking this, so most people are not paying this, so there isn’t a lot of money being made by criminal organisations so far”.