Could Worsen On Monday, Authorities Say Don't Pay Ransom

Remigio Civitarese
Mag 20, 2017

Microsoft on Saturday took the "highly unusual step" of releasing a public patch for older Windows versions that are otherwise only eligible for custom support - Windows XP, Windows 8 and Windows Server 2003 - to fix the vulnerability being exploited by the ransomware attack. WannaCry should not have reached disastrous proportions - Microsoft released a patch that could close the vulnerability in March, well before the NSA's tool was decrypted.

Alex Abdo, a staff attorney at the Knight First Amendment Institute at Columbia University, said Microsoft and other software companies have strategically settled lawsuits that could lead to court rulings weakening their licensing agreements.

Microsoft's top lawyer is laying some of the blame for Friday's massive cyberattack at the feet of the US government. WannaCrypt, the ransomware that has hit hundreds of thousands of systems in recent days was crafted based on an exploit developed by the National Security Agency (NSA).

Payments could go up as the ransomware warned the cost would double after three days, and threatened to delete files within seven days if no payment was made.

In a blog post, Smith argued governments have opted to hoard software vulnerabilities for offensive purposes but did not inform technology companies about the vulnerabilities.

Avivah Litan, a cybersecurity analyst at Gartner, agreed that the government is "is negligent not doing a better job protecting companies", but added that it's not like "you can stop the US government from developing cybertools" that then work as intended.

Some victims were using computers that run on Windows XP, a 16-year-old operating system.

A manhunt for those behind the attack is now underway and security experts everywhere are encouraging WIndows users to update their software.

As CNet states: "Microsoft is criticizing government agencies for hoarding software flaws and keeping them secret, calling a massive, new ransomware attack a "wake-up call" to this problem".

Once your system has ransomware, your choices are limited: pay or don't pay. He noted, however, the complexity that can be involved in patching a security hole.

He said the attack did not have any specific targets. More than technical guidance, I want you to make sure you are spending the time needed to understand the concerns they have and that they know we are here to help.

Michael Mitchell, spokesman for Oreo cookie maker Mondelez International, said the company is not aware of any incidents from the attack, though it did alert employees.

Users can protect themselves by being careful about such emails, Microsoft said.

While things could certainly change, users of other Windows versions should be safe, though now is a great time to open the Windows Update Center and ensure that all of your security updates have been installed.

Altre relazioniGrafFiotech

Discuti questo articolo

Segui i nostri GIORNALE