Vendredi, 15 Décembre 2017
Dernières nouvelles
Principale » Malware case, a major blow for the NSA

Malware case, a major blow for the NSA

19 Mai 2017

One was to re-image their Windows systems and restore data from backups, or to pay the ransom. As operating systems age, more potential viruses and malware are created to target them.

As the situation unfolds - with latest reports pointing the finger of accusation toward North Korea - the question remains: why was the NHS so vulnerable to Wannacry?

Reports indicate that months ago the National Security Administration first uncovered a vulnerability in Microsoft's Windows operating system using a hacking tool that ironically was then released on the Internet by hackers. Just weeks later, cyber criminals launched a widespread ransomware attack.

In 2015, over a dozen of the world's most prominent experts in the field of cryptography issued their assessment regarding the use of backdoors by agencies like the NSA - and they roundly objected. They are suspected of providing the NSA tools to Shadow Brokers.

Windows 10, the latest version of Microsoft's flagship operating system franchise, accounts for another 15 per cent, while older versions of Windows including 8.1, 8, XP and Vista, account for the remainder, BitSight estimated.

IT providers and security firms are encouraging companies and users to make sure they install the official patch from Microsoft. Released back in 2001, sincw 2014 Microsoft has no longer actively supported Windows XP.

Those hit by WannaCry also failed to heed warnings previous year from Microsoft to disable a file sharing feature in Windows known as SMB, which a covert hacker group calling itself Shadow Brokers had claimed was used by NSA intelligence operatives to sneak into Windows PCs.

Microsoft have shouted for years that Windows XP users must upgrade - without regular security patches the operating system's security can not be guaranteed.

Reuters also reports that half of all internet addresses corrupted globally by WannaCry are located in China and Russian Federation, with 30 and 20 percent respectively.

In other words, if people had simply stayed on top of security updates, their machines would not have been infected.

Israel arrests 2 after deadly West Bank clash
The death of the Palestinian led to clashes between dozens of local youth and Israeli soldiers, who also closed Huwwara road. Israel maintains that conditions meet all worldwide standards, and has so far has refused to negotiate with prisoners.

That's what led to such strong warnings being issued by security experts: Chris Camacho of New York's Flashpoint said, "When people ask what keeps you up at night, it's this"; Rohy Belani of email security company PhishMe said, "This is nearly like the atom bomb of ransomware".

However, the respective central banks at the two countries have issued statements to minimise any concern that banks have been affected by the ransomware attacks.

The massive attack has been a boon for cyber security firms, driving up stock prices of some while others, like six-year-old American start-up Crowdstrike, were able to raise $100 million in one day. While the leading tech firm Microsoft is holding the U.S. government responsible for the massive attack, some worldwide experts have counterattacked Microsoft, claiming it also be responsible for the happening. "This helps to guard against recently uncovered vulnerabilities that attackers can exploit". Rather than telling Microsoft about the flaw, the NSA kept the exploit quiet, doubtless hoping to use it in the future.

"Repeatedly, exploits in the hands of governments have leaked into the public domain and caused widespread damage", wrote Microsoft's Brad Smith.

"An equivalent scenario with conventional weapons would be the US military having some of its Tomahawk missiles stolen", the company said Sunday.

"In our research, we found that a large percentage of attacks globally by WannaCry happened in India and the country was third on the total number of attacks", said Altaf Halde, Managing Director of Kaspersky Lab, South Asia.

A West Point cadet participates in an exercise defending a computer network against an opposition force of National Security Agency and Department of Defense personnel.

According to the cyber security experts, many corporate, institutions and individual have been hit by the ransomware.

This will not be fixed quickly.