Jeudi, 23 Novembre 2017
Dernières nouvelles
Principale » Microsoft and NSA face off over cyber attack

Microsoft and NSA face off over cyber attack

20 Mai 2017

As the worm, known as WannaCry, has been contained, more free time has opened up in which to argue and assign blame beyond the anonymous hackers who used leaked NSA code to assemble the virus, and whatever party chose to turn it into ransomware. Until Friday, Microsoft had not released a security update for Windows XP in over three years.

While authorities can and do use security flaws to gather intelligence, companies such as Microsoft want to be told about vulnerabilities so they can patch the holes in their security and protect their users from attacks such as WannaCry. The attack, which locked users out of their systems and networks and demanded ransom of about $300 in the form of Bitcoin digital currency, crippled hospitals, businesses and government agencies.

WannaCry exploits a Windows vulnerability codenamed EternalBlue, which has been patched by Microsoft in an update deployed on March 14.

As per Microsoft, on Friday the malware bout started and it has been related by some virus software company's researchers to earlier hits by a North Korean-run hacking process, controlled the instrument constructed by the National Security Agency that leaked in April month via the Internet.

WannaCry or Wanna Decryptor ransomware seems to have used a vulnerability in Microsoft's software. Microsoft, like other vendors whose vulnerabilities were in that NSA data dump, moved quickly to verify the defect and offer a patch. The ransomware has hit various IT systems in more than 150 countries, including Russian Federation and the United Kingdom, in one of the most widespread cyber attacks in history.

The scale of the attack shows that in an increasingly interconnected world, no country should consider itself safe from cyber threats.

WannaCry ransomware which affected operations at the USA health care system and French vehicle maker Renault, appears to have had less impact on corporate India's operations.

Chris Cornell remembered by fans at birthplace of grunge
Of course it's a story about death and Seattle music. "A good songwriter, a great musician. and still so relevant". She also detailed the days leading up to the rocker's death, which has been ruled a suicide.

The tools behind the attack originated within the NSA. When this happens, you can't get to the data unless you pay a ransom. "However, the reused code appears to have been removed from later versions of WannaCry, which according to Kaspersky gives less weight to the false flag theory". But in this case, according to Kaspersky Lab, the shared code was removed from the versions of WannaCry that are now circulating, which reduces the likelihood of such a "false flag" attempt at misdirection. It appears to have hit first in Britain, where it effectively shut down parts of the #National Health Service.

FedEx, French automaker Renault and Spanish telecommunications firm Telefonica are among those attacked.

The impact of WannaCry ransomware attack has been limited to five or six isolated instances so far and there are no reports of any substantial disruption to India's IT backbone, the government said today. The 22-year-old cyber security researcher has warned everyone to patch their systems before it's too late to escape the attack.

Microsoft is pointing the finger at the U.S. government, while some experts say the software giant is accountable too.

Affected Windows systems include everything from Windows Vista, Windows Server 2008, Windows 7, Windows 8.x, Windows Server 2012, Windows 10 and Windows Server 2016. Hackers will sometimes encourage you to keep your computer on and linked to the network, but don't be fooled.

A new variant of the WannaCry attack surfaced on Monday, according to cybersecurity firm Check Point Software Technologies, but the firm stopped it by using the kill switch, Reuters reports.