It's not over, things may get worse as work week begins

Adjust Comment Print

Experts fear the situation could further aggravate as a number of computers in India run on the older operating systems and have not been updated yet.

Microsoft has called the cyber-attack that crippled businesses and services across 150 countries a "wake-up call", and has blamed government agencies for storing details of software vulnerabilities like stockpiled weapons.

"More action is needed, and it's needed now", he said.

Europol said a special task force at its European Cybercrime Centre was "specially created to assist in such investigations and will play an important role in supporting the investigation".

The attack held users hostage by freezing their computers, popping up a red screen with the words, "Oops, your files have been encrypted!" and demanding money through online bitcoin payment - $300 at first, rising to $600 before it destroys files hours later.

Attacks were being reported in Britain and 11 other countries, including Turkey, Vietnam, the Philippines, Japan, with the majority of affected computers in Russian Federation. While India's cyber security unit CERT-In is yet to receive a formal intimation of any major attacks, it has reached out to all government agencies and public utilities to stay alert.

When the National Security Agency lost control of the software behind the WannaCry cyberattack, it was like "the USA military having some of its Tomahawk missiles stolen", Microsoft President Brad Smith says, in a message about the malicious software that has created havoc on computer networks in more than 150 countries since Friday.

Across an ocean, Darien Huss, a 28-year-old research engineer for the cybersecurity firm Proofpoint, was doing his own analysis. "Or we could potentially see copycats mimic the delivery or exploit method they used", he said. Once it infects one computer within a network, it can spread to all the computers in that network "within seconds", said Israel Levy, the CEO of the cybersecurity firm Bufferzone.

Wizards forward Oubre ejected for bowling over Olynyk
Coach Scott Brooks called it the Wizards' best stretch this season, crediting defense for making it all happen. The physical series continues as the Wizards keep the flame alive in the series with a win-loss record of 2-1.

The indiscriminate attack began Friday and struck banks, hospitals and government agencies, exploiting known vulnerabilities in older Microsoft computer operating systems. Normally, such patches are reserved for organizations willing to pay for extended support.

According to Matthew Hickey, founder of the security firm Hacker House, the attack is not surprising, and it shows many organizations do not apply updates in a timely fashion. For more detailed information about the Windows vulnerability and how to resolve it, see Microsoft Security Bulletin MS17-010 - Critical.

The massive ransomware attacks that started late Friday have locked people out of their computers and demanded hundreds of dollars from the users before they could regain control. It seems many PCs didn't get updated, leaving them exposed to the malicious ransomware.

A 22-year-old security researcher in the United Kingdom, going only by the name MalwareTech, has warned that another wave of ransomware attacks could begin tomorrow, Monday, March 15.

A cybersecurity expert calling himself MalwareTech later slowed down WannaCry by registering a domain name that he uncovered hidden in the ransomware's code. That affordable move redirected the attacks to MalwareTech's server, which operates as a "sinkhole" to keep malware from escaping. Brad Smith, who is Microsoft's chief legal officer, said Sunday in a blog post that his company, its customers and the government all share the blame. But the kill switch couldn't help those already infected.

Once your files are encrypted, your options are limited.

Eset Ireland provided several tactics, advising users to update Windows software first, this being the single biggest commonality among those hit by WannaCry. Intelligence officials wouldn't comment on the authenticity of the claims.

"Both staff and patients were frankly pretty appalled that somebody, whoever they are, for commercial gain or otherwise, would attack a health care organization", he said.