Computer Active (UK) - - Contents -

TheWan­nacry ran­somware that paral­ysed tens of thou­sands of com­put­ers in May world­wide can be used to at­tack Win­dows 10, se­cu­rity re­searchers have said.

Ex­perts at US com­pany Risksense have cre­ated a Win­dows 10 ver­sion of the se­cu­rity flaw – called Eter­nal­blue – that Wan­nacry ex­ploited in or­der to bet­ter un­der­stand how fu­ture at­tacks can be pre­vented.

No Win­dows 10 com­put­ers were af­fected by Wan­nacry dur­ing the at­tack last month. De­spite ini­tial re­ports that XP ma­chines were most at risk, analysis sug­gests that 98 per cent of hacked com­put­ers were run­ning Win­dows 7.

Risksense’s re­search is known as ‘white hat hack­ing’, in which the se­cu­rity of soft­ware and sys­tems are tested by ex­perts look­ing to find flaws be­fore crim­i­nals do.

It has pub­lished a re­port ex­plain­ing how Wan­nacry can in­fect Win­dows 10, but left out de­tails “that would only be use­ful to at­tack­ers”. Sean Dil­lon, se­nior re­search an­a­lyst at Risksense, said the in­for­ma­tion would help the se­cu­rity in­dus­try de­velop “new tech­niques” to thwart ran­somware.

His team re­moved a ‘back­door’ from the flaw, which Wan­nacry was us­ing to by­pass an­tivirus soft­ware. Dil­lon said that Wan­nacry doesn’t ac­tu­ally need to use this tac­tic, and urged se­cu­rity re­searchers to stop wast­ing time look­ing for ways to block it.

Check for up­dates

To stay safe from Wan­nacry, Win­dows 10 users should make sure they have in­stalled Mi­crosoft’s MS17-010 update, which was re­leased on 14 March to fix Eter­nal­blue.

Up­dates are ap­plied au­to­mat­i­cally by de­fault in Win­dows 10, but to dou­ble-

check click the Start but­ton, type update, then click ‘Win­dows Update set­tings’ from the list of re­sults.

Next click the grey ‘Check for up­dates’ but­ton in the ‘Update sta­tus’ sec­tion. If this finds any up­dates, click them. • Wan­nacry scams you need to avoid – turn to page 16

Newspapers in English

Newspapers from UK

© PressReader. All rights reserved.