WannaCrypt ransomware backdoor: Emergency fixes emitted by Microsoft

Forum Moderators: open

Message Too Old, No Replies

WannaCrypt ransomware backdoor: Emergency fixes emitted by Microsoft

tangor

9:14 pm on May 14, 2017 (gmt 0)

The WannaCrypt ransomware worm, aka WanaCrypt or Wcry, today exploded across 74 countries, infecting hospitals, businesses including Fedex, rail stations, universities, at least one national telco, and more organizations.

In response, Microsoft has released emergency security patches to defend against the malware for unsupported versions of Windows, such as XP and Server 2003, as well as modern builds.

[theregister.co.uk...]

Patch/update your installs NOW.

keyplyr

9:27 pm on May 14, 2017 (gmt 0)

Related discussion: [webmasterworld.com...]

tangor

10:14 pm on May 14, 2017 (gmt 0)

Yup, that's related, this just announces the PATCH by MS and patch it right now. :)

tangor

10:16 pm on May 14, 2017 (gmt 0)

All of these are related to the leak of NSA cyber tools leaked by that wiki thingie sometime back.

tangor

10:16 pm on May 14, 2017 (gmt 0)

And this one hit 74 countries at the same time. Whew!

engine

3:18 pm on May 15, 2017 (gmt 0)

System: The following message was spliced on to this thread from: https://www.webmasterworld.com/website_security_webmasters/4849387.htm [webmasterworld.com] by engine - 4:35 pm on May 15, 2017

Microsoft has called for collective action over the WannaCrypt cyberattack [webmasterworld.com] which took place in the last few days.
It says that the exploits were taken from the U.S. National Security Agency, or NSA, and Microsoft had already patched the newer systems, however, many of these systems hit appear to be unpatched.

Microsoft has said it's also taken the decision to provide assistance to users of older systems, and is issuing patches that immunize Windows XP, 8, and Server 2003.

this attack demonstrates the degree to which cybersecurity has become a shared responsibility between tech companies and customers. The fact that so many computers remained vulnerable two months after the release of a patch illustrates this aspect. As cybercriminals become more sophisticated, there is simply no way for customers to protect themselves against threats unless they update their systems. Otherwise they�re literally fighting the problems of the present with tools from the past. This attack is a powerful reminder that information technology basics like keeping computers current and patched are a high responsibility for everyone, and it�s something every top executive should support. Microsoft Calls For Collective Action Over WannaCrypt Cyberattack [blogs.microsoft.com]

this attack provides yet another example of why the stockpiling of vulnerabilities by governments is such a problem. This is an emerging pattern in 2017.

We should take from this recent attack a renewed determination for more urgent collective action. We need the tech sector, customers, and governments to work together to protect against cybersecurity attacks. More action is needed, and it�s needed now. In this sense, the WannaCrypt attack is a wake-up call for all of us.

Of course, backups, backups, backups.

mcneely

10:56 am on May 16, 2017 (gmt 0)

Of course, backups, backups, backups.

... and be sure that your backups cannot be accessed directly via your local network -- If you can access your backups directly from your network, it would be as if you never created any backups at all, because the worm will infect those too.

keyplyr

11:14 am on May 16, 2017 (gmt 0)

and be sure that your backups cannot be accessed directly via your local network

I've met several people that leave their extetnal SSD plugged into their computer. I think unmounting the drive scares them.

mcneely

2:26 pm on May 17, 2017 (gmt 0)

This attack is a powerful reminder that information technology basics like keeping computers current and patched are a high responsibility for everyone,

Sure, like providing a patch for XP -- Irresponsibility is allowing dated systems to exist in the first place -- Though XP is still being supported in many cases, grocery stores and various government applications still use it on a regular basis, you would think that Microsoft would write in a kill switch for systems they no longer support - That would eliminate quite a few boxes that don't care about security at all ... just sayin'

engine

3:08 pm on May 17, 2017 (gmt 0)

As i understand it, mcneely, some larger businesses pay Microsoft to support their systems, even on publicly-out-of-date operating systems.

The biggest problem with this WannaCrypt attack is that people didn't update their systems in a timely fashion.

Yes, backups off the network, and off site can play a valuable role in recovering systems from such malware, whatever the operating system, and it's been part of my routine for over twenty five years. Fire, theft and now malware are part of my disaster recovery document.

keyplyr

12:43 am on May 20, 2017 (gmt 0)

I received an email from my home owner's insurance carrier offering a new add-on "Cyber Insurance" which seemed tailor made for situations like this. Some of the coverage was for recovering data, ransome costs, loss of income, etc.

Anyone else?

tangor

12:32 am on May 21, 2017 (gmt 0)

I haven't seen that, but where there's a risk market there's probably someone willing to insure it.

keyplyr

8:21 pm on May 21, 2017 (gmt 0)

Also, I just saw an advertiser with a dynamic colorful ad "Don't Get Held Hostage by Ransomware... Get Your Free Ransomware Toolkit"

keyplyr

9:06 am on Jun 15, 2017 (gmt 0)

The NSA has determined the WannaCry worm originated in North Korea: [msn.com...]