Mercredi, 26 Septembre 2018
Dernières nouvelles
Principale » Microsoft issues WannaCry security patch for XP, blasts U.S. for 'stockpiling vulnerabilities'

Microsoft issues WannaCry security patch for XP, blasts U.S. for 'stockpiling vulnerabilities'

20 Mai 2017

This one cyberattack has caused ambulances to be rerouted, surgeries to be rescheduled, patients to be turned away from emergency rooms, manufacturers to halt production, airlines to cancel and reschedule flights, as well as a plethora of other problems involving everything from transportation to communications.

Ransomware is nothing new. However, it also exploits a Windows networking flaw to spread more aggressively, like a worm. It leveraged an exploit - a tool created to take advantage of a security hole - leaked in a batch of hacking tools believed to belong to the NSA.

WannaCry's worm-like capacity to infect other computers on the same network with no human intervention appear tailored to Windows 7, said Paul Pratley, head of investigations & incident response at United Kingdom consulting firm MWR InfoSecurity.

"I'm surprised that it took this long for someone to use the ShadowBrokers leak", said Georgia Weidman, founder and CTO of the Shevirah cyber-security company, who noted that the malware exploit a vulnerability in Windows that's existed for almost a decade.

Here are some of the key players in the attack and what may — or may not — be their fault.

The attack was carried out by using the ETERNALBLUE exploit developed by the NSA. Microsoft fixed that flaw back in March, so if you had patched it then you'd be safe from this aspect of the attack. If you are using any devices with an outdated and unsupported OS, you should immediately upgrade the OS (if possible) or replace the device (if the OS can not be upgraded) with a device running a supported Windows operating system. Despite Microsoft ending software support for its XP nearly three years ago, it's considering offering additional patches to XP, Windows 8, and Windows Server 2003, though the damage from WannaCry is still done.

Yet, the code is amateurish and while it had the NSA exploit [of a Windows vulnerability] bolted on, this was not a sophisticated use of the code. But without the ability to receive security-focused software updates, those systems are left at risk. Microsoft is working to ensure we are taking all possible actions to protect our customers.

In fact, Salim Neino, the chief executive of Kryptos Logic, the LA-based company that employs Hutchins, said the ransomware was "unsophisticated". Microsoft surely wants to continue to sell successive versions of Windows every several years and gradually forget about its earlier attempts-it's the business they're in. Major incidents like this ransomware example seem to suggest that many businesses and organizations haven't spent much time planning for a disaster.

Here We Go Again: MAMMA MIA! Sequel Gets Release Date
Universal have said that the location will once again be the Greek island of Kalokairi, with the same producers back on board. Here We Go Again - is due out in the summer of 2018, using ABBA songs not utilised the first time round.

Roughly 32 percent or so of those attacked end up paying the ransom.

Harnish expects those kinds of "integrity attacks" on health data to happen at some point in the not-too-distant future. Your best chance at protecting yourself is to implement layered defense.

You should make multiple backups - to cloud services and using physical disk drives, at regular and frequent intervals.

If so, that is a serious black mark for the security services. Most importantly, advanced malware detection products can catch these new malware variants immediately, well before signature solutions catch up. Longer-term, you will have to plan to move to a new mobile operating system platform, whether that is Windows 10 (or another new Mircosoft platform), Android, or Apple iOS. Furthermore, attackers regularly repackage their malware to continually evade these signatures.

Rogers warned that over the previous year the U.S. has seen increased use of ransomware against individuals and businesses. After that day, it would be impossible to recover the encrypted files. While no solution is ideal, if you really want to catch the latest malware, you need more advanced solutions that leverage behavioral detection to catch new threats.

It's hard not to engage in a bit of victim-blaming in this situation, especially because security experts say the attacks could have been prevented.

There has so far been only scant evidence that banks' systems outside Russian Federation have been compromised.