Dear Visitor,

Our system has found that you are using an ad-blocking browser add-on.

We just wanted to let you know that our site content is, of course, available to you absolutely free of charge.

Our ads are the only way we have to be able to bring you the latest high-quality content, which is written by professional journalists, with the help of editors, graphic designers, and our site production and I.T. staff, as well as many other talented people who work around the clock for this site.

So, we ask you to add this site to your Ad Blocker’s "white list" or to simply disable your Ad Blocker while visiting this site.

Continue on this site freely
You are here: Home / Network Security / WannaCry: Windows 7 Hit Hardest
WannaCry Ransomware Update: Windows 7 Hit Hardest
WannaCry Ransomware Update: Windows 7 Hit Hardest
By Shirley Siluk / Enterprise Security Today Like this on Facebook Tweet this Link thison Linkedin Link this on Google Plus
More than a week after the massive WannaCry ransomware attack hobbled computer systems around the world, security experts continue to assess the damage and keep watch for new outbreaks.

As of Friday, May 19, the malware had infected more than 416,000 systems, according to the U.K.-based security researcher who helped put a stop to the initial attack. Meanwhile, organizations that included FedEx and Britain's National Health Service (NHS) continue to deal with fallout from the ransomware while researchers try to identify the attackers responsible.

Authorities have urged anyone affected by WannaCry not to pay the ransom requested, typically several hundred dollars in the digital currency Bitcoin, to regain access to files encrypted by the malware. Some victims, most of whom were running Windows 7 x64, according to research from Kaspersky Lab, could be helped by a partial decryption fix that's been shown to recover data.

Hundreds of Thousands of Victims

The WannaCry ransomware began spreading around May 12 and the U.K.'s NHS was one of the first high-profile victims to come under attack. That's when a young British security researcher who goes by the name MalwareTech noticed that the ransomware was querying an unregistered domain name, which he quickly registered. By doing that, he effectively set off a kill switch that put a stop to new attacks of the ransomware.

MalwareTech has since been identified by media outlets as Marcus Hutchins, 22. He noted in an update on his blog, May 19, that HTTP requests to the domain he registered showed some 416,989 systems had been hit by WannaCry as of that time.

Since the initial attack has come under control, Microsoft has been criticized for its role in the malware's propagation. The WannaCry ransomware (which is also called WannaCrypt by Microsoft and others) deploys a Windows exploit that had not been addressed and was used for surveillance by the National Security Agency (NSA). That exploit was revealed when the Shadow Brokers hacking group released a trove of data stolen from the NSA in April.

By then, Microsoft had already issued a security update for the exploit, but that fix was not offered to many users running older versions of Windows that no longer received Microsoft support. After the WannaCry attack, Microsoft took the unusual step of making a patch more widely available to both supported and unsupported Windows users.

Assigning Responsibility

Writing Saturday in the U.K.'s Guardian newspaper, technology author and researcher Evgeny Morozov took Microsoft to task for its "disingenuous" stance on online safety and its calls for a "digital Geneva convention" to protect against cyberattacks.

"The conflict of interest here would be mind-boggling: the more insecure Microsoft's software, the greater the demand for its cybersecurity services to protect it," Morozov wrote. "Worse, governments -- instead of doing something to curb such conflicts of interest -- are only aggravating them. They allow tech companies to use their intelligence services as scapegoats while also creating a secondary market in cyberweapons that can then be used by petty criminals to instil terror and dread in the population. No wonder there are people demanding that some version of the digital Geneva conventions pass: the horrors, imposed by the tag team of government and industry, are just too painful to endure."

U.K.-based security researcher Graham Cluley expressed similar concerns on his blog today. Cluley said it was understandable that people wanted someone to blame after a malware outbreak as significant as WannaCry.

"Is it the fault [of] the NSA for discovering a security vulnerability in Microsoft's code, and not telling Microsoft at the time? Can we blame Microsoft for shipping buggy code in the first place?" he asked. "Are the mysterious Shadow Brokers hacking group responsible for WannaCry, because they stole details of the exploit the NSA built to take advantage of the Microsoft flaw? Should we point fingers at the organisations who failed to patch their systems in advance of the attack?"

Cluley noted that some investigators, citing similarities to previous cyberattacks, believe the North Korea-linked hacking group Lazarus might be responsible for the WannaCry attack. However, he added that North Korea's deputy ambassador to the United Nations called such allegations "ridiculous." Ultimately, though, it's possible the perpetrators might never been identified, Cluley said.

In its latest update about the ransomware attack, Europol's European Cybercrime Center said it had tested a "partial solution developed by Benjamin Delpy, Matt Suiche and Adrien Guinet" and found that it was able to recover encrypted data on some victims' systems. Further details about how to deploy that fix are available on Comae Technologies' Web site.

Image credit: Product shot by Microsoft.

Tell Us What You Think


Like Us on FacebookFollow Us on Twitter

Over the past decade, hospitals have been busy upgrading their systems from paper to electronic health records. Unfortunately, spending so much on EHR may have left insufficient funds for security.
The British government officially blamed Russia for waging the so-called NotPetya cyberattack that infected computers across Ukraine before spreading to systems in the U.S. and beyond.
© Copyright 2018 NewsFactor Network. All rights reserved. Member of Accuserve Ad Network.