The blame game, ransomware edition: Who's at fault?

The blame game, ransomware edition: Who's at fault?

The EternalBlue exploit in Windows is believed to originate from the National Security Agency, as it became available when Shadow Brokers revealed a huge set of hacking tools the NSA allegedly used to access devices. "To protect your computer from such malicious malwares, one should be aware of the security measures and install all necessary updates", Dinesh Yadav, superintendent of police (city), said in a press note. But successive generations of the operating system have been found wanting. Some chemotherapy patients were even sent home because their records could not be accessed.

Many countries are racing to create more cyber weapons.

But these characteristics also could prove to be problematic, as the latest cyberattack highlights. In a statement released around 11:30 a.m. ET, Friday, the system's digital office said, "This attack was not specifically targeted at the NHS and is affecting organizations from across a range of sectors".

As the WannaCry ransomware exploit spreads across 150 countries and over 200,000 machines blame is spreading wildly too.

On affected computers, the WannaCry software encrypts files and displays a ransom message demanding $300 in bitcoin. It appears that these NHS systems were vulnerable because they used older versions of Microsoft operating systems that are no longer updated.

Microsoft stopped issuing global patches for XP in April 2014, though it does still provide essentially security updates for the OS to companies who stump up extra cash for the privilege. If that lesson wasn't clear before, perhaps this past week will be a much-needed wake up call. "We are implementing remediation steps as quickly as possible". The victims, the official says, range widely in scope, from a few computers at companies and organizations to networks of many more. While a United Kingdom security researcher managed to stop the spread of the virus, hackers have issued new versions that cybersecurity organizations are trying to counter and stamp out. The ease of stopping the attack suggests the hackers were new to this game.

A Microsoft exec blasted the NSA Sunday for its role in "stockpiling vulnerabilities" that led to a ransomware attack of historic proportions - as experts warned workers could discover further infections Monday morning. He said the situation was under control.

Microsoft withheld update that could have slowed WannaCry
Once all the files are encrypted, it will display a message asking for a sum of money as ransom to unlock the encrypted data. Asked what the company is doing to prevent such exploitations, he cited "basic IT security blocking and tackling".

Deutsche Bahn: The German railway company told CNNMoney that due to the attack "passenger information displays in some stations were inoperative" as were "some ticket machines".

Businesses that failed to update Microsoft Windows-based computer systems that were hit by a massive cyber attack over the weekend could be sued over their lax cyber security, but Microsoft Corp itself enjoys strong protection from lawsuits, legal experts said.

Interior Ministry: The Russian Interior Ministry acknowledged a ransomware attack on its computers, adding that less than 1% of computers were affected.

Spain's Telefonica was among the companies hit. "We need governments to consider the damage to civilians that comes from hoarding these vulnerabilities and the use of these exploits", he said.

We now know that Friday's attack made use of this vulnerability, so hospitals which did not apply that patch were leaving themselves open to attack. Once the software is executed it either replicates to infect other computers on the same network or encrypts the central business data store.

"In some ways it's a daring move by Microsoft", Klein says.

Multiple media reports indicate that the ransomware exploited a vulnerability in Microsoft's Windows operating system, using a tool developed by the National Security Agency (NSA) that was released to the public by WikiLeaks earlier this year. If you have your most important data saved on a separate system, then you won't be at risk of losing all your photos and data files if you get infected.