Global Ransomware Attack: What Your Organization Needs to Know Now

Cyber-attacks from WannaCry ransomware slow but fears remain

Cyber-attacks from WannaCry ransomware slow but fears remain

While WannaCry rampaged through more than 100 countries over the weekend, security researchers identified a "kill switch" within the ransomware that slowed the expansion. In Britain, whose health service was among the first high-profile targets of the online extortion scheme, Health Secretary Jeremy Hunt said "we have not seen a second wave of attacks".

Low-end criminals take advantage of less-savvy users with such known viruses, even though malware is constantly changing and antivirus is frequently days behind detecting it.

He said, "We take every single cyberattack on a Windows system seriously, and we've been working around the clock since Friday to help all our customers who have been affected by this incident". It appears that these NHS systems were vulnerable because they used older versions of Microsoft operating systems that are no longer updated.

Prabir Sarkar, CEO of OfficeExtract, a local distributor of Kaspersky Lab, said, "We have so far received complaints from five types of medium enterprises in the country". Ensure that your current defenses are properly configured to address your current risk profile and that all appropriate updates and patches have not only been installed, but are also functioning.

With any luck, you're never going to be faced with the attack.

The ransomware encrypts data on the computer using an encryption key that only the attacker knows.

Vernick said businesses that failed to update their software could face scrutiny from the U.S. Federal Trade Commission, which has previously sued companies for misrepresenting their data privacy measures. He said some are more easily exploitable than others and therefore require a more urgent response.

On Monday the firm said that 90% of its factories were running again. Union IT minister Ravi Shankar Prasad has reportedly said that the malware has had nearly zero impact on India.

The attack spread to a large swath of different organizations around the world, including the French vehicle company Renault, the Russian cellphone operator MegaFon and USA -based FedEx.

By March, Microsoft had developed and distributed security fixes for the vulnerability.

But some other technology industry executives said privately that it reflected a widely held view in Silicon Valley that the US government is too willing to jeopardize internet security in order to preserve offensive cyber capabilities. The company rates the update as "critical" for supported Windows releases. "You've got to keep your systems updated".

Backup your system fully and on a regular basis.

Continually train and remind employees and network users to be aware of and on the lookout for suspicious emails and to "think before they click" on any attachments.

As for Microsoft, some intelligence agency experts questioned its NSA criticism, saying it's unreasonable for the company to ask governments to stop using its products as a way to attack and monitor enemies.

Brad Smith, Microsoft's Chief Legal Officer, said the latest global cyber attack suggested that governments are taking a wrongheaded approach to the issue.

This includes whitelisting certain websites and software so only approved programs can run on a computer, or disabling administrative privileges on a company's machines so that only the IT department can download programs.

Recommended News

We are pleased to provide this opportunity to share information, experiences and observations about what's in the news.
Some of the comments may be reprinted elsewhere in the site or in the newspaper.
Thank you for taking the time to offer your thoughts.