
In the wake of the recent cyber attack, officials across the globe scrambled over the weekend to catch the culprits behind a massive ransomware worm that disrupted operations at car factories, hospitals, shops and schools, while Microsoft on Sunday pinned blame on the U.S. government for not disclosing more software vulnerabilities.
Cyber security experts said the spread of the worm dubbed WannaCry - "ransomware" that locked up more than 200,000 computers in more than 150 countries - had slowed but that the respite might only be brief amid fears new versions of the worm will strike.
If your computer is infected, you'll know immediately: you'll be greeted by a popup screen saying "Ooops, your important files are encrypted." And by "important," they're talking about your most commonly used files — including .mp3 audios and .mp4 and .avi videos; .png and .jpg images; and .doc and .txt documents. The worm also targets any backup files you may have made, so you can't even restore older, safe versions.
Analysts said you should not click the "check payment" or "decrypt" buttons in the popup message. Instead — if you're able to — download and install Microsoft patch MS17-010, which should work on Windows systems going all the way back to Vista.
Economic experts offered differing views on how much the attack, and associated computer outages, would cost businesses and governments.
The non-profit U.S. Cyber Consequences Unit research institute estimated that total losses would range in the hundreds of millions of dollars, but not exceed $1 billion.
Most victims were quickly able to recover infected systems with backups, said the group's chief economist, Scott Borg.
The estimated 200,000 computers crippled worldwide by Friday's mammoth ransomware attack could be only the tip of the iceberg, security experts said Sunday. That means an untold number of other infected systems could still be waiting to be discovered when people return to work on Monday and fire up their computers.
Microsoft President Brad Smith said Sunday that the attack used exploits stolen from the National Security Agency earlier this year.
"This attack provides yet another example of why the stockpiling of vulnerabilities by governments is such a problem," Smith wrote on the Microsoft blog. "This is an emerging pattern in 2017. ...
"This most recent attack represents a completely unintended but disconcerting link between the two most serious forms of cybersecurity threats in the world today — nation-state action and organized criminal action," wrote Smith, who is also Microsoft's chief legal officer.
And there's worse news: At least two new variations of the malware have already been detected.