Daily Management Review

Clues To Ransomware Worm's Lingering Risks Found By Security Experts


05/20/2017




Clues To Ransomware Worm's Lingering Risks Found By Security Experts
A survey for Reuters by security ratings firm BitSight found that Microsoft's Windows 7 operating system without the latest security updates were being run by two-thirds of those caught up in the past week's global ransomware attack.
 
Believing that identifying "patient zero" could help catch its criminal authors, researchers are struggling to try to find early traces of WannaCry, which remains an active threat in hardest-hit China and Russia.
 
They are having more luck dissecting flaws that limited its spread.
 
Security experts warn that further attacks that fix weaknesses in WannaCry will follow that hit larger numbers of users, with more devastating consequences while computers at more than 300,000 internet addresses were hit by the ransomware strain.
 
"Some organizations just aren't aware of the risks; some don't want to risk interrupting important business processes; sometimes they are short-staffed," said Ziv Mador, vice president of security research at Trustwave’s Israeli SpiderLabs unit.
 
"There are plenty of reasons people wait to patch and none of them are good," said Mador, a former long-time security researcher for Microsoft.
 
Paul Pratley, head of investigations & incident response at UK consulting firm MWR InfoSecurity said that WannaCry's worm-like capacity to infect other computers on the same network with no human intervention appear tailored to Windows 7.
 
Although it represents less than half of the global distribution of Windows PC users, Windows 7 accounts for 67 percent of infections, shows data from BitSight covering 160,000 internet-connected computers hit by WannaCry.
 
While individually vulnerable to attack, incapable of spreading infections and playing a far smaller role in the global attack than initially reported are computers running older versions, such as Windows XP used in Britain's NHS health system.
 
They have found Windows XP crashes before the virus can spread in laboratory testing, researchers at MWR and Kyptos say.
 
BitSight estimated that while older versions of Windows including 8.1, 8, XP and Vista, account for the remainder, Windows 10, the latest version of Microsoft's flagship operating system franchise, accounts for another 15 percent.
 
Experts agree that when it was released on March 14 on all computers on their networks are immune, any organization which heeded strongly worded warnings from Microsoft to urgently install a security patch it labeled “critical”.
 
SMB, which a covert hacker group calling itself Shadow Brokers had claimed was used by NSA intelligence operatives to sneak into Windows PCs, is a file sharing feature in Windows which Microsoft had asked to be disabled and those hit by WannaCry also failed to heed those warnings issued last year.
 
"Clearly people who run supported versions of Windows and patched quickly were not affected", Trustwave's Mador said.
 
Users need to pay hefty annual fees for support for older versions of Windows software such as 16-year-old Windows XP and Microsoft has faced criticism since 2014 for such withdrawals. A nationwide NHS support contract with Microsoft was cancelled by the British government and left the upgrades to some local trusts.
 
The U.S. software giant last weekend released a free patch for Windows XP and other older Windows versions that it previously only offered to paying customers and this is slated to draw further criticism in the wake of the WannaCry outbreak.
 
(Source:www.reuters.com) 






Science & Technology

Germany Introduces The First Ever Train To Run On 100% Hydrogen

Germany Plans On Cyber Security Research To End Reliance On U.S. Tech

Fuchsia will kill Android by 2023: Top 5 facts about the new OS

New Study Finds Goats Interact More With Happy People

More than 32 thousand "smart" houses under threat of hacker attack

Internet addiction and children: Global plague

Apple takes up to develop Apple Watch for health monitoring

Hyperloop is growing in Europe

Analysts: US gamers prefer mobile games

Google Assistant Winner Of Head-To-Head Test Of Digital Assistants, Beats Siri And Alexa

World Politics

World & Politics

Ex-Brexit Minister Said A ‘Reset’ Is Needed For Brexit Talks

10 countries with the best healthcare systems

Foreign Experts To Be Allowed By North Korea For Permanent Destruction Of Missile Sites

Ireland recovers €14.3 billion from Apple

Is China going to cancel its birth limit policy?

The US is ready to start negotiations with China

US and China start 5G race

Is Czech Republic posing a threat to the European Union?