What we currently know about the global cyberattack

Elizabeth Williams
May 19, 2017

Apart from invading some systems in departments of some state governments in India, WannaCry has penetrated high-profile systems across the globe, including the UK's health services and Germany's railway.

"All these things have led to the current situation that India is not at all the victim of the attack in the manner the other countries of the world are facing today", he added.

He says the most obvious tip-off is the fact that the malware contained an easy-to-find "kill switch" - basically, a URL address included in the code, which was used to stop the malware's spread.

The WannaCry ransomware was a malware strain that moved laterally within networks by leveraging a bug in Windows SMBv1 and SMBv2. The ransomware attack will force hundreds of thousands of users of older versions of the Windows operating system to upgrade to recent versions such as Windows 10 Pro - which now retails on the Windows Store for a sweet Rs 14,999.

An exploit called EternalBlue, discovered and built upon by the USA's National Security Agency, was leaked by a group called the Shadow Brokers earlier this year.

"We need governments to consider the damage to civilians that comes from hoarding these vulnerabilities and the use of these exploits", he said.

Then there's the US government, whose Windows hacking tools were leaked to the internet and got into the hands of cybercriminals.

Smith compared it to an equivalent scenario of the United States military having some of its Tomahawk missiles stolen. Given the current regulatory environment, it's the responsibility of these companies themselves, with their enormous financial resources, to track down these gaps in the security of their products, paying to acquire information if necessary.

Smith repeated a call he made in February for a worldwide convention on the use of cyberwarfare akin to the Geneva Conventions' protections for noncombatants and other guidelines in conventional warfare.

How the NSA planned to use EternalBlue in the first place is a good question. Computers with an out-of-date version of Microsoft Windows appeared to have been hit especially hard.

A deeper look into the Trojan's eruption reveals a callous disregard on Microsoft's part for users of its older operating systems.

Microsoft Windows XP support stopped 12 years after its release.

"To be clear, Microsoft would prefer that companies upgrade and realise the full benefits of the latest version rather than choose custom support".

The problem is vast, global, and growing, as we've seen with the recent cyber-attack that affected devices in 150 countries and temporarily crippled a number of NHS services. As a result, schools and hospitals are among the most susceptible to ransomware and other forms of phishing. "The movie is going to start 10 minutes after the ticket time". There is a reason companies urge you to update - they frequently release bug fixes. Certainly many institutions and companies underinvest in this area.

WannaCry uses EternalBlue, which takes advantage of a vulnerability in the SMB protocol, to worm its way through local networks and online. The Russians and Asia took the biggest hits to their systems.

The agency is regarded as having among the world's most advanced cyber intrusion capabilities.
