The malicious cyberattack called WanaCrypt0r 2.0 (a.k.a. Wanna, Wannacry, Wcry or Wanna Decryptor 2) is reportedly causing disruptions at banks, hospitals, telecommunications services, and other mission-critical organizations around the world.
There have been reports of infections in 99 countries, including the UK, US, China, Russia, Spain, Italy and Taiwan, and a live interactive map posted on the British tech blog MalwareTech shows infections across the globe. The malware is notable for its multilingual ransom demands, which support more than two dozen languages.
Another cause for concern: Wcry copies a weapons-grade exploit codenamed Eternalblue that the NSA used for years to remotely commandeer computers running Microsoft Windows. Eternalblue, which works reliably against computers running Microsoft Windows XP through Windows Server 2012, was one of several potent exploits published in the most recent Shadow Brokers release in mid-April.
The Wcry developers have combined the Eternalblue exploit with a self-replicating payload that allows the ransomware to spread virally from vulnerable machine to vulnerable machine, without requiring operators to open e-mails, click on links, or take any other sort of action.
Microsoft patched the underlying vulnerability in March, exactly four weeks before the Shadow Brokers' April release published the weapons-grade NSA exploit. The rapid outbreak of Wcry may be an indication that many, or possibly all, of the companies hit had yet to install a critical Windows patch more than two months after it was released.
For example, the malware has impacted Europe's National Healthcare System (NHS), meaning patient records, appointment schedules, internal phone lines and emails were rendered inaccessible, and connections between computers and medical equipment were brought down. Staff were forced to turn to pen and paper and to use their own mobile phones. Last December, it emerged that 90% of NHS computers still run on Windows XP, two and a half years after Microsoft stopped supporting the operating system.
Infected computers show a message demanding a $300 (£233) ransom per machine to be paid to a Bitcoin wallet address. It says: “Many of your documents, photos, videos, databases and other files are no longer accessible because they have been encrypted. Maybe you are busy looking for a way to recover your files, but do not waste your time. Nobody can recover your files without our decryption service.”
“You only have three days to submit the payment,” the message adds. “After that the price will be doubled. Also if you don’t pay in seven days, you won’t be able to recover your files forever.”
What you need to do: Tom’s Guide writes that if you have not installed the March, April or May Windows Update bundles for Windows 7, 8 and 10, you should do so immediately. It's worth shutting down your system for a few minutes if it gives you a chance to avoid this. If you're still using Windows XP, you're out of luck, but the March and April update bundles should be available to Windows Vista via MS17-010.
very nice article,
Thanks Bob. As of this morning (15-May)..."... Microsoft president and chief legal officer Brad Smith likened the crippling “WannaCry” cyber assault on at least 200,000 PCs in more than 150 countries — a result of software exploits pilfered from the National Security Agency in April — to a raid on the Pentagon’s missile arsenal. “We have seen vulnerabilities stored by the CIA show up on WikiLeaks, and now this vulnerability stolen from the NSA has affected customers around the world,” Smith wrote in a blog post. “Repeatedly, exploits in the hands of governments have leaked into the public domain and caused widespread damage. “An equivalent scenario with conventional weapons would be the U.S. military having some of its Tomahawk missiles stolen.”..." per NYDailyNews.com