Cyber attack could spark lawsuits but not against Microsoft

Vu Ngoc Son, deputy head of the anti-malware department of Bkav Corporation, the largest internet security firm in Vietnam, said that the WannaCry ransomware's behaviour is "not new", but he believes that the use of this ransomware will not really ease up as "it can directly earn large profits for hackers". It has now been detected in over 100 countries, including Singapore.

Those infected with WannaCry were informed their files would be released if they paid $300 in digital currency Bitcoin, although the ransoms were reportedly up to $600 by Monday afternoon.

On Monday, private-sector sleuths found a clue about potentially who's responsible for the WannaCrypt attack.

So what do you do if you receive the WannaCry ransomware message? It's a little counterintuitive, but experts say it's much more secure than the alternative, which is reusing the same password across multiple websites.

It was too early to say who was behind the onslaught, which struck 100,000 organizations, and what their motivation was, aside from the obvious demand for money.

But according to Michel Van Den Berghe, director of telecom group Orange's cyber security arm, a "second wave" is to be expected.

On May 13, CERT-IN had issued an advisory for both reactive and preventive actions to deal with the ransomware.

He became an worldwide sensation after he prevented hundreds of thousands of computers from being infected by the virus that wreaked havoc across the NHS.

Bkav recommends that all computer users immediately install updates and security patches and hotfixes via Windows Update. "Despite appearing to be criminal activity meant to raise money, it appears that less than $70,000 has been paid in ransoms and we are not aware of payments that have led to any data recovery".

Savvides emphasized that paying criminals is never recommended, as it feeds them and rewards them for their crimes. "In my experience, regulators in the USA have started to pay more attention to patching protocols and governance of patching in their reviews and audits in sectors where they have more direct oversight". Ransomware attacks grew to 463,841 in 2016, up from 340,665 attacks in 2015 (36% increase).

But Milford, like MalwareTech, warned that the attack could resurface, like a virus that mutates to resist a treatment.

Never open attachments in emails from someone you don't know.

There was a two-fold increase in attempted attacks against IoT devices over the course of 2016 and, at times of peak activity, the average device was attacked once every two minutes. Instead, some opportunist developers, who could be hackers themselves, spotted the leaks and added them to their own software and released them.

"Systems which did not apply a patch update for this vulnerability were affected by the WannaCry ransomware which uses wormlike behaviour to affect vulnerable systems on the network", it explained.

Email is one of the main infection methods.

Ransomware is a form of malware that completely encrypts your PC. And even finding a real person might be no help if they're in a jurisdiction that won't cooperate. However organizations should ensure that back-ups are appropriately protected or stored off-line so that attackers can't delete them.

Regular backups and snapshots can help you recover files hidden behind ransomware, particularly if you can identify when the infections occurred, so you only work with backup copies before the infection.

Recommended News

We are pleased to provide this opportunity to share information, experiences and observations about what's in the news.
Some of the comments may be reprinted elsewhere in the site or in the newspaper.
Thank you for taking the time to offer your thoughts.