The blame game, ransomware edition: Who’s at fault?

It exploits a flaw in the Windows operating system to encrypt data of targeted companies and institutions.

You must install a fix released by Microsoft to prevent further infections and propagation.

Earn 1 CPE credit and learn about government’s data center optimization strategy with analysis from Justice and State departments.

As many as 200,000 computers were infected with the WannaCry Ransomware last week and tech experts are expecting more incidents like it in the coming days. “Still, the NSA can’t be very proud of this”.

According to Microsoft MSFT.O , computers affected by the so-called “ransomware” did not have security patches for various Windows versions installed or were running Windows XP, which the company no longer supports.

After the attack, the central bank reissued its recommendations to Russian banks, it said, adding that it would start publishing statements on its website about cyber attacks it had caught as well as steps taken to reinforce IT security.

On top of that, critics say, the government didn’t notify companies like Microsoft about the vulnerabilities quickly enough. Smith urged the government “to report vulnerabilities to vendors, rather than stockpile, sell, or exploit them”, as the company called for in February when it proposed a new Digital Geneva Convention.

A screenshot shows a WannaCry ransomware demand, provided by cyber security firm Symantec, in Mountain View, California, U.S. May 15, 2017.

Still, it was Microsoft that wrote the exploitable software to begin with. They patched this security issue two months ago, and had you been running Windows 7 (later versions were not affected) with automatic updates (as you damn well should) you would’ve been completely safe. But, because of the widespread and massive exploit across the world, Microsoft has issued a free-to-all Windows XP patch to help protect computers.

Sean Pike, program VP in the security products group at IDC, a tech industry research provider, pointed that everyone has been a bit numb to attacks because it is something they hear so much about now and Microsoft benefits from that. “There are plenty of reasons people wait to patch and none of them are good”. In the United Kingdom, where the initial attack threw parts of the health care system into chaos Friday, the government scheduled an emergency meeting Monday afternoon to discuss the attack. The computers would operate normally, but the miner would also run in the background.

To put things into perspective, imagine Alexa telling you to pay $100 in order to get your Echo working again and bugging you to do so every few minutes; your smart fridge refusing to cool; smart TV refusing to switch to something you want to watch and so on – until you pay up.

“It’s not rocket science”, Litan said. “Nevertheless, one should never pay the ransom as it will encourage attackers”, said Kiran Deshpande, Co-founder and President of Mojo Networks.

“I would actually argue that this was so risky that [Microsoft] should have released the patch even to their unsupported systems”, Kalember said.

India’s cyber security agency has alerted Internet users against damaging activities of “WannaCry”- that critically infects work stations and locks them remotely.

A ransomware called WannaCry held hostage a record 2,00,000 systems worldwide by May 15 – the fourth day in a series of online attacks – in what has been dubbed as the largest such cyber assault of its kind.