Treat ransomware attack as a wake-up call: Microsoft The worm, dubbed as WannaCry, locked up more than 200,000 computers in more than 150 countries worldwide
Officials across the globe scrambled over the weekend to catch the culprits behind a massive ransomware worm that disrupted operations at car factories, hospitals, shops and schools, while Microsoft on Sunday pinned blame on the US government for not disclosing more software vulnerabilities.
In a blog post, Microsoft president Brad Smith appeared to tacitly acknowledge what researchers had already widely concluded: The ransomware attack leveraged a hacking tool, built by the US National Security Agency that leaked online in April.
“This is an emerging pattern in 2017,” Smith wrote. “We have seen vulnerabilities stored by the CIA show up on WikiLeaks, and now this vulnerability stolen from the NSA has affected customers around the world.”
He also poured fuel on a long-running debate over how government intelligence services should balance their desire to keep software flaws secret - in order to conduct espionage and cyber warfare against sharing those flaws with technology companies to better secure the internet.
He added that governments around the world should “treat this attack as a wake-up call” and “consider the damage to civilians that comes from hoarding these vulnerabilities and the use of these exploits.” The NSA and White House did not immediately respond to requests for comment about the Microsoft statement. Economic experts offered differing views on how much the attack, and associated computer outages, would cost businesses and governments. Most victims were quickly able to recover infected systems with backups, said the group’s chief economist, Scott Borg. California-based cyber risk modeling firm Cyence put the total economic damage at $4bn, citing costs associated
with businesses interruption. US President Donald Trump on Friday night ordered his homeland security adviser, Tom Bossert, to convene an “emergency meeting” to assess the threat posed by the global attack, a senior administration official told Reuters. The original attack lost momentum late on Friday after a security researcher took control of a server connected to the outbreak, which crippled a feature that caused the malware to rapidly spread across infected networks.
Microsoft released patches last month and on Friday to fix a vulnerability that allowed the worm to spread across networks, a rare and powerful feature that caused infections to surge on Friday. Code for exploiting that bug, which is known as “Eternal Blue,” was released on the internet last month by a hacking group known as the Shadow Brokers. The head of the European Union police agency said on Sunday the cyber assault hit 200,000 victims in at least 150 countries and that number would grow when people return to work on Monday. MONDAY MORNING
RUSH? Monday was expected to be a busy day, especially in Asia, which may not have seen the worst of the impact yet, as companies and organisations turned on their computers.
Renault said it halted manufacturing at plants in France and Romania to prevent the spread of ransomware. A Jakarta hospital said on Sunday that the cyber attack had infected 400 computers, disrupting the registration of patients and finding records.
Account addresses hard-coded into the malicious WannaCry virus appear to show the attackers had received just under $32,500 in anonymous bitcoin currency as of (1100 GMT) 7 a.m. EDT on Sunday, but that amount could rise as more victims rush to pay ransoms of $300 or more.
The threat receded over the weekend after a British-based researcher, who declined to give his name but tweets under the profile @MalwareTechBlog, said he stumbled on a way to at least temporarily limit the worm’s spread by registering a web address to which he noticed the malware was trying to connect.
Security experts said his move bought precious time for organisations seeking to block the attacks.
Most victims were quickly able to recover infected systems with backups
— Scott Borg,
Chief Economist