How to Shield Your System Against WannaCry Ransomware Attack

Elizabeth Williams
May 20, 2017

As we've seen with WannaCry, ransomware (and other malicious software) can spread virally, without user interaction. World-affecting extortionists might be able to find the attention of the authorities through minimal effort and maximum casualties, as is evidenced with the WannaCry spread of ransomware.

"The recent global ransomware attack exploiting a flaw in Windows, while serious, not only demonstrates the continued ubiquity of Microsoft, but also highlights that numerous affected enterprises or entities that are still using older, and now unsupported, versions of Windows need to accelerate their plans to upgrade to Windows 10", analyst Michael Nemeroff wrote in a note to clients Monday entitled "If you're not current, you're toast". But in this case, according to Kaspersky Lab, the shared code was removed from the versions of WannaCry that are now circulating, which reduces the likelihood of such a "false flag" attempt at misdirection.

Researchers are keen to point out that more investigation is needed before any definitive conclusions can be drawn. The group behind the Sony attack was the Lazarus Group.

As of Sunday, the cyberattack had struck more than 200,000 computers in more than 150 countries, according to Rob Wainwright, the executive director of Europol, Europe's police agency, The New York Times reports.

So far no clues have been uncovered as to who was behind the malicious software, which locks users' computer files and demands a ransom payment of US$300 (S$418) to US$600 to unlock them.

On Friday, the world was hit by one of the biggest cyberattacks in recent history. Over the weekend, a 22-year-old cybersecurity researcher from England named Marcus Hutchins discovered and inadvertently activated a "kill switch" buried in the malware's code.

How did all of this get started?

The NSA did not create WannaCry.

If North Korea, believed to be training cyberwarriors at schools, is indeed responsible for the latest attack, Choi said the world should stop underestimating its capabilities and work together to think of a new way to respond to cyber threats, such as having China pull the plug on North Korea's internet. In the case of free software, user controls the program and the source code is open for everyone to access that in turns make free software very much secured compared to any other proprietary software. "(The unit has since been renamed.)", according to the Times.

Microsoft is pointing the finger at the USA government, while some experts say the software giant is accountable too.

The attack was a reminder that people and businesses should keep their software up to date, or else remain vulnerable, Smith said.

This is an emerging pattern in 2017.

The hack used a technique purportedly stolen from the US National Security Agency to target Microsoft's market-leading Windows operating system. Repeatedly, exploits in the hands of governments have leaked into the public domain and caused widespread damage. "An equivalent scenario with conventional weapons would be the USA military having some of its Tomahawk missiles stolen". He notes that in February Microsoft called for a new "Digital Geneva Convention" to address these issues, "including a new requirement for governments to report vulnerabilities to vendors, rather than stockpile, sell, or exploit them". Ensuring that your Windows operating system is up to date with the most recent security and software updates, which patch any holes and vulnerabilities in the software, makes it much more hard for a hacker to infiltrate your system and networks.

Other reports by VgToday

Discuss This Article