NSA warned Microsoft about vulnerability connected to 'Wanna Cry'

Joanna Estrada
May 21, 2017

That happened here with some systems of Windows. "When you click on anything, a pop-up window opens where the attacker asks for more ransom to decrypt files".

Because this attack targets the Microsoft Windows operating system, John Raven, President of hosting solutions provider Newtek Technology Solutions, said that scheduled maintenance must be performed to systems used by shared web hosting customers on regular intervals including Windows patch updates; antivirus updates; and updating firewall threat definitions and blocking commonly known high-threat protocols.

A global ransomware attack began early last Friday and has affected businesses and government entities in 150 countries, including Britain's national health system, FedEx, Spain's Telefónica, and the Russian Interior Ministry.

WannaCry or Wanna Decryptor ransomware seems to have used a vulnerability in Microsoft's software.

The worm encrypts data on an infected system, and then tells the user that their files have been locked and displays information on how much is to be paid and when - up to roughly $600 in bitcoin. Phishing attacks with software downloads or links and attachments to malware are often the first sign that a ransomware event is looming.

The researchers said, however, that the tools are not ideal and work only if the computers infected with the WannaCry ransomware have not been rebooted after being hit. "It knows how to exploit vulnerabilities in Windows XP, Windows Vista, Windows 7, Window Server 2008 and earlier versions", he added further.

One of the major problems faced was users running on pirated versions of Windows were unable to install security updates.

Ransomware attacks have been increasingly prevalent in recent years.

"Recognizing that for a variety of business reasons, companies sometimes choose not to upgrade even after 10 or 15 years, Microsoft offers custom support agreements as a stopgap measure", said the spokesman to CNET. The longer victims pay, the longer ransomware will continue to grow, or at least that's what leading cyber security firms believe and it's why they advise against it.

Other reports by Click Lancashire

Discuss This Article