Local security experts weigh in on worldwide cyber attack


"In light of current ransomware attacks happening across the globe as well as in India, Maharashtra Cyber is collaborating with Quick Heal to help people in this crisis," read a notification issued by the state police.

On Friday, an unprecedented cyberattack affected a large number of Microsoft Windows-based computers through a type of malware known as ransomware.

But unlike most ransomware, WannaCry has no process to uniquely identify which ransom payment is tied to which computer, Horowitz said. A former cybersecurity researcher with the Israeli Air Force's famous OFEK Unit, he is founder and CEO of Javelin Networks, a security company that uses artificial intelligence to fight against malware.

Other experts also blamed the government.

The communication and information ministry said the malware locked patient files on computers at two hospitals in the capital Jakarta.

Lawrence Abrams, a New York-based blogger who runs BleepingComputer.com, says many organizations don't install security upgrades because they're anxious about triggering bugs, or they can't afford the downtime. In WannaCry's case, the code had been stolen and had fallen into the hands of criminal actors.

Most of the 200,000 victims of the attack were in Europe and Asia.

The question is, are we ready to completely rely on digital systems? Researchers say new variants of the software have a similar kill switch, but they refer to different domains. This means that people could have died because the attacks put a stop to normal hospital procedures.

Yes, every operating system could theoretically be attacked. They went one step further and recommended encrypted backups, again disconnected from the internet.

Some of the biggest disruption was caused by attacks on the United Kingdom health system, which saw hospitals and clinics forced to turn away patients after losing access to computers.

This weekend's global online extortion attack reinforces the need for businesses and other large organizations to update their computer operating systems and security software, cybersecurity experts said. The impact of WannaCry could have been greatly reduced if critical Microsoft Windows patches were applied in time throughout organizational industry networks. In a blog post published on Sunday, Brad Smith, president and chief legal officer for Microsoft, said that with the growing sophistication of cyberattacks, the practice of collecting malicious tools by the government has done more harm than good.

The U.S. Computer Emergency Readiness Team sent out an alert on Friday warning about WannaCry, which exploits vulnerabilities in Server Message Block 1.0. The company had already been supporting it longer than it normally would have because so many customers still used it and the effort was proving costly. "Yet, when a serious vulnerability is discovered in software, many companies respond slowly or say it's not their problem."

But with Microsoft making an exception this time and providing the patch free to XP users, it may come under pressure to do the same next time it issues a critical security update.

Use firewalls, and anti-virus software from reputed vendors, and ensure these are upgraded regularly.

It's still unclear who created WannaCry, whether amateurs or skilled hackers.

Are there potential cyber-attacks that can affect the Linux operating system?

Should they push stronger for the adoption of the newer OSes and make users aware of the downsides of not doing so? Instead, users are left with a button on the displayed ransom note that says "check payment".

We've already seen what happens when no action is taken. "This is why they call it ransomworm."

There is absolutely no guarantee the criminals would give your files back.

However, it's not a complete all-in-one solution.

This includes whitelisting certain websites and software so only approved programs can run on a computer, or disabling administrative privileges on a company's machines so that only the IT department can download programs.
