wannacry

A Global WannaCry Cyberattack


‘Biggest ransomware outbreak in history’ hits nearly 100 countries with data held for ransom

Dozens of countries have been hit with a huge cyber extortion attack that locked computers and held users’ files for ransom at a multitude of hospitals, companies and government agencies.

How did the attack occur?

  • Attack appeared to be caused by a self-replicating piece of software that takes advantage of vulnerabilities in older versions of Microsoft Windows, security experts say
  • It spreads from computer to computer as it finds exposed targets.
  • Ransom demands start at $US300 and increase after two hours, a security researcher at Kaspersky Lab says
  • Security holes were disclosed several weeks ago by TheShadowBrokers, a mysterious group that has repeatedly published what it says are hacking tools used by the NSA
  • Shortly after that disclosure, Microsoft announced it had already issued software “patches” for those holes
  • But many companies and individuals have not installed the fixes yet or are using older versions of Windows that the company no longer supports and for which no patch was available

The most disruptive attacks were reported in Britain, where hospitals and clinics were forced to turn away patients after losing access to computers, but other countries — including Spain, Portugal, and Russia — have also been targeted.

Cyber extortionists tricked victims into opening malicious malware attachments to spam emails that appeared to contain invoices, job offers, security warnings and other legitimate files.

The ransomware encrypted data on the computers, demanding payments of $300 to $600 to restore access. Security researchers said they observed some victims paying via the digital currency bitcoin, though they did not know what percent had given in to the extortionists.

Mikko Hypponen, chief research officer at Helsinki-based cybersecurity company F-Secure, called it “the biggest ransomware outbreak in history”.

The malicious software behind the onslaught appeared to exploit a vulnerability in Microsoft Windows that was supposedly identified by the National Security Agency for its own intelligence-gathering purposes and was later leaked to the internet.

Researchers with security software maker Avast said they had observed 57,000 infections in 99 countries with Russia, Ukraine, and Taiwan the top targets.

Chris Wysopal of the software security firm Veracode said criminal organisations were probably behind the attack, given how quickly the malware spread.

“For so many organisations in the same day to be hit, this is unprecedented,” Mr Wysopal said.

But Alan Woodward, visiting professor of computing at the University of Surrey, said he did not believe it was a targeted attack.

“But will simply have been that the ransomware has sought out those organisations that are running susceptible devices,” Mr Woodward said.

The US Department of Homeland Security said late on Friday (local time) that it was aware of reports of the ransomware, was sharing information with domestic and foreign partners and was ready to lend technical support.

Patients turned away as hospitals hit with ransomware

Private security firms identified the ransomware as a new variant of “WannaCry” that had the ability to automatically spread across large networks by exploiting a known bug in Microsoft’s Windows operating system.

The hackers, who have not come forward to claim responsibility or otherwise been identified, likely made it a “worm,” or self-spreading malware, by exploiting a piece of NSA code known as “Eternal Blue” that was released last month by a group known as the Shadow Brokers, researchers with several private cyber security firms said.

We apologise but we are having issues with our computer systems. Please don’t attend A&E unless it’s an emergency. Thanks for your patience

Microsoft said it was pushing out automatic Windows updates to defend clients from WannaCry. It issued a patch on March 14.

The attack froze computers at hospitals across Britain, shutting down wards, closing emergency rooms and bringing medical treatments to a halt.

NHS Digital, which oversees hospital cybersecurity, said the attack was affecting organisations from across a range of sectors.

Many hospitals cancelled all routine procedures and warned patients not to come to the hospital unless it was an emergency. Some chemotherapy patients were even sent home because their records could not be accessed.

Several facilities in Scotland also reported being hit. Doctors’ practices and pharmacies reported similar problems.

Russia appeared to be the hardest hit, according to security experts, with the country’s Interior Ministry confirming it was struck.

The interior ministry said on its website that around 1,000 computers had been infected but it had localised the virus.

In addition to Russia, the biggest targets appeared to be Ukraine and India, nations where it is common to find older, unpatched versions of Windows in use, according to security firm Kaspersky Lab’s count.

Cyber crime: Why you should care

All individuals and organisations connected to the internet are vulnerable to cyber attack – and the threat is growing.

A spokesman for Prime Minister Malcolm Turnbull said there had been no confirmed reports of an impact on Australian organisations at this stage.

He said the Federal Government was closely monitoring the situation.

“The Prime Minister’s Cyber Security Special Adviser is working with the Australian Cyber Security Centre and health agencies in Australia to determine any impact to Australia,” he said.

In Spain, some big firms took pre-emptive steps to thwart ransomware attacks following a warning from Spain’s National Cryptology Centre of “a massive ransomware attack”.

Iberdrola and Gas Natural, along with Vodafone’s unit in Spain, asked staff to turn off computers or cut off internet access in case they had been compromised, representatives from the firms said.

British cyber centre says it is investigating attack

Leading international shipper FedEx Corp said it was one of the companies whose system was infected with the malware that security firms said was delivered via spam emails.

“Like many other companies, FedEx is experiencing interference with some of our Windows-based systems caused by malware,” the company said in a statement.

Only a small number of US-headquartered organisations were infected because the hackers appear to have begun the campaign by targeting organisations in Europe, a research manager with security software maker Symantec said.

Cyber security incidents increasing

The nation’s top spy agencies warn that the number of cyber security threats facing Australia is growing by the day.

By the time they turned their attention to US organisations, spam filters had identified the new threat and flagged the ransomware-laden emails as malicious, Vikram Thakur said.

Telecommunications company Telefonica was among many targets in Spain, though it said the attack was limited to some computers on an internal network and had not affected clients or services.

Portugal Telecom and Telefonica Argentina both said they were also targeted.

Britain’s National Cyber Security Centre, part of the GCHQ electronic intelligence agency, said it was working with police and the health system to investigate the attack.

British government officials and intelligence chiefs have repeatedly highlighted the threat to critical infrastructure and the economy from cyberattacks, with the National Cyber Security Centre reporting it had detected 188 “high-level” attacks in just three months.

AP/Reuters

Source: ABC Net Au

Stolen U.S. spy agency tool used to launch global cyberattack

(Reuters) – A global cyberattack leveraging hacking tools widely believed by researchers to have been developed by the U.S. National Security Agency hit international shipper FedEx, disrupted Britain’s health system and infected computers in nearly 100 countries on Friday.

Cyber extortionists tricked victims into opening malicious malware attachments to spam emails that appeared to contain invoices, job offers, security warnings and other legitimate files.

The ransomware encrypted data on the computers, demanding payments of $300 to $600 to restore access. Security researchers said they observed some victims paying via the digital currency bitcoin, though they did not know what percent had given in to the extortionists.

Researchers with security software maker Avast said they had observed 57,000 infections in 99 countries with Russia, Ukraine, and Taiwan the top targets.

The most disruptive attacks were reported in Britain, where hospitals and clinics were forced to turn away patients after losing access to computers.

International shipper FedEx Corp said some of its Windows computers were also infected. “We are implementing remediation steps as quickly as possible,” it said in a statement.

Still, only a small number of U.S.-headquartered organizations were hit because the hackers appear to have begun the campaign by targeting organizations in Europe, said Vikram Thakur, research manager with security software maker Symantec.

By the time they turned their attention to the United States, spam filters had identified the new threat and flagged the ransomware-laden emails as malicious, Thakur said.

The U.S. Department of Homeland Security said late on Friday that it was aware of reports of the ransomware, was sharing information with domestic and foreign partners and was ready to lend technical support.

Telecommunications company Telefonica was among many targets in Spain, though it said the attack was limited to some computers on an internal network and had not affected clients or services. Portugal Telecom and Telefonica Argentina both said they were also targeted.

Private security firms identified the ransomware as a new variant of “WannaCry” that had the ability to automatically spread across large networks by exploiting a known bug in Microsoft’s Windows operating system.

“Once it gets in and starts moving across the infrastructure, there is no way to stop it,” said Adam Meyers, a researcher with cyber security firm CrowdStrike.

The hackers, who have not come forward to claim responsibility or otherwise been identified, likely made it a “worm,” or self spreading malware, by exploiting a piece of NSA code known as “Eternal Blue” that was released last month by a group known as the Shadow Brokers, researchers with several private cyber security firms said.

“This is one of the largest global ransomware attacks the cyber community has ever seen,” said Rich Barger, director of threat research with Splunk, one of the firms that linked WannaCry to the NSA.

The Shadow Brokers released Eternal Blue as part of a trove of hacking tools that they said belonged to the U.S. spy agency.

Microsoft on Friday said it was pushing out automatic Windows updates to defend clients from WannaCry. It issued a patch on March 14 to protect them from Eternal Blue.

“Today our engineers added detection and protection against new malicious software known as Ransom:Win32.WannaCrypt,” Microsoft said in a statement. It said the company was working with its customers to provide additional assistance.

Sensitive timing

The spread of the ransomware capped a week of cyber turmoil in Europe that kicked off a week earlier when hackers posted a huge trove of campaign documents tied to French candidate Emmanuel Macron just 1-1/2 days before a run-off vote in which he was elected as the new president of France.

On Wednesday, hackers disputed the websites of several French media companies and aerospace giant Airbus.Also, the hack happened four weeks before a British parliamentary election in which national security and the management of the state-run National Health Service (NHS) are important campaign themes.

Authorities in Britain have been braced for possible cyberattacks in the run-up to the vote, as happened during last year’s U.S. election and on the eve of this month’s presidential vote in France.

But those attacks – blamed on Russia, which has repeatedly denied them – followed an entirely different modus operandi involving penetrating the accounts of individuals and political organizations and then releasing hacked material online.

On Friday, Russia’s interior and emergencies ministries, as well as the country’s biggest bank, Sberbank, said they were targeted. The interior ministry said on its website that around 1,000 computers had been infected but it had localized the virus.

The emergencies ministry told Russian news agencies it had repelled the cyberattacks while Sberbank said its cyber security systems had prevented viruses from entering its systems.

New breed of ransomware

Although cyber extortion cases have been rising for several years, they have to date affected small-to-mid-sized organizations, disrupting services provided by hospitals, police departments, public transportation systems and utilities in the United States and Europe.

“Seeing a large telco like Telefonica get hit is going to get everybody worried. Now ransomware is affecting larger companies with more sophisticated security operations,” Chris Wysopal, chief technology officer with cyber security firm Veracode, said.

The news is also likely to embolden cyber extortionists when selecting targets, Chris Camacho, chief strategy officer with cyber intelligence firm Flashpoint, said.

“Now that the cyber criminals know they can hit the big guys, they will start to target big corporations. And some of them may not be well prepared for such attacks,” Camacho said.

In Spain, some big firms took pre-emptive steps to thwart ransomware attacks following a warning from Spain’s National Cryptology Centre of “a massive ransomware attack.”

Iberdrola and Gas Natural, along with Vodafone’s unit in Spain, asked staff to turn off computers or cut off internet access in case they had been compromised, representatives from the firms said.

In Spain, the attacks did not disrupt the provision of services or networks operations of the victims, the government said in a statement.

Source: Reuters – VentureBeat

Cyber expert warns against supporting criminal syndicates amid global hacking

Key points:

  • Over 57,000 infections in 99 countries have been detected
  • Ransomware attacks happen every day in Australia, they just don’t get reported, expert says
  • UK doctors have turned away chemotherapy patients due to not being unable to access medical records

Attackers have used encryption algorithms to lock files, which owners cannot access unless they pay a ransom.

Over 57,000 infections in 99 countries have been detected, with Russia, Ukraine, and Taiwan being top targets, security software maker Avast said.

The attacks have led to hospitals and doctors in England turning away patients after they were unable to view their medical files.

But director for Centre for Cyber Security Research at Deakin University, Professor Yang Xiang, has strictly warned against giving in to criminal syndicates in order to have data unlocked.

“Cyber attacks have already become a kind of industry. [The attackers] are operating like a trained organisation and this will make the cyber security more and more difficult,” he said.

“I don’t think it’s ethical to pay ransom to get data back because we really need to have strong mechanisms to defend against attackers.

“If you keep paying ransom it’s actually helping attackers to grow the industry.”

How did the attack occur?

  • Attack appeared to be caused by a self-replicating piece of software that takes advantage of vulnerabilities in older versions of Microsoft Windows, security experts say
  • It spreads from computer to computer as it finds exposed targets.
  • Ransom demands start at $US300 and increase after two hours, a security researcher at Kaspersky Lab says
  • Security holes were disclosed several weeks ago by TheShadowBrokers, a mysterious group that has repeatedly published what it says are hacking tools used by the NSA
  • Shortly after that disclosure, Microsoft announced it had already issued software “patches” for those holes
  • But many companies and individuals have not installed the fixes yet or are using older versions of Windows that the company no longer supports and for which no patch was available

Professor Yang, who daily works on detecting possible ransomware, said cyber security had been a “number one problem” in Australia for years, and urged government agencies, companies and individuals to prepare for future attacks.

“Australia has a very similar situation because it heavily relies on internet,” he said.

“We have seen a lot of ransomware attacks in companies and government organisations.

“It actually happens every day, it just didn’t get reported.”

While he could not say which specific institutions had been targeted, he did reveal the mining industry was under attack.

Ransomware encryptions are strong. Once the data has been locked, it is extremely difficult to regain access to it.

Professor Yang calls for the Federal Government not to downplay the threat of cyber attacks and to treat this as a priority.

“We just got some news that Government is cutting funding for universities. I think it is important to keep supporting research, support cyber security industry and provide more funding to innovation and research in this area,” he said.

Companies leave themselves open to attacks

One of the more reported victims of the latest attack has been Britain’s National Health Service.

Doctors in the UK have been forced to turn away even chemotherapy patients due to being unable to access their medical records.

But just days before the attack, a UK doctor warned about hospitals’ software being targeted, saying “more hospitals will almost certainly be shut down by ransomware this year”.

Dr Krishna Chinthapalli, a neurology registrar at the National Hospital for Neurology and Neurosurgery in London, said in the British Media Journal health facilities left themselves open to hacks by using ancient operating systems.

But some have cast blame on the United States’ National Security Agency (NSA) and other countries’ intelligence services for hoarding software vulnerabilities for offensive purposes, rather than quickly alerting technology companies to such flaws.

Edward Snowden, who in 2013 leaked documents exposing US surveillance programs, said on Twitter NSA’s “dangerous attack tools” now threatened lives of hospital patients.

In March, WikiLeaks released thousands of “Vault 7” documents that revealed the CIA knew about several flaws in Apple, Google and Samsung software but did not tell the companies about them because it wanted to use them for spying.

Across the US Federal Government, about 90 per cent of all spending on cyber programs is dedicated to offensive efforts, including penetrating the computer systems of adversaries, listening to communications and developing the means to disable or degrade infrastructure, senior intelligence officials told Reuters in March.

“These attacks underscore the fact that vulnerabilities will be exploited not just by our security agencies, but by hackers and criminals around the world,” Patrick Toomey, a staff attorney with the American Civil Liberties Union, said in a statement.

The NSA did not respond to a request for comment.

Source: ABC Net Au

Thanks ABC net Au, Reuters Venture Beat and for reading A Global WannaCry Cyberattack

 Image: The Hacker News “Protect Against WannaCry”

Help Support Our Work

Like and Share on our Facebook page

Dr Don
Founder/Admin The Internet Crime Fighters Org, Author The Internet Users Handbook, See more http://about.me/drdony
Dr Don
Dr Don
Dr Don

Latest posts by Dr Don (see all)

Tags: , , , , , , , , , , , ,
Previous Post
Powet
Business Home Offers Reviews

Offer – Power of 3²

Next Post
offers
Business Child Family Home Offers Reviews

Offers – ICFO Specials

Comments

  1. Reply

    ‘Accidental hero’ finds kill switch to stop spread of ransomware cyber-attack
    Spread of malware curtailed by expert who simply registered a domain name for a few dollars, giving many across world time to protect against attack
    https://www.theguardian.com/technology/2017/may/13/accidental-hero-finds-kill-switch-to-stop-spread-of-ransomware-cyber-attack

  2. Reply

    Cyber attack crisis ‘isn’t over’: Warning from researcher who found ransomware ‘kill switch’ http://www.telegraph.co.uk/technology/2017/05/13/cyber-attack-crisis-isnt-warning-researcher-found-ransomwarekill/

  3. Reply

    Ransomware’s Aftershocks Feared as U.S. Warns of Complexity https://www.nytimes.com/2017/05/14/world/europe/cyberattacks-hack-computers-monday.html

  4. Reply

    China, Addicted to Bootleg Software, Reels From Ransomware Attack https://www.nytimes.com/2017/05/15/business/china-ransomware-wannacry-hacking.html

  5. Reply

    WannaCry ransomware cyber-attacks slow but fears remain http://www.bbc.com/news/technology-39920141

  6. Reply

    ‘Perfect storm’ of ransomware and network worm hits unprotected computers globally U.S. hospital CIO defends lack of latest Windows patches, saying only older Windows XP runs some critical hospital apps http://www.computerworld.com/article/3196119/security/perfect-storm-of-ransomware-and-network-worm-hits-unprotected-computers-globally.html#tk.drr_mlt

  7. Reply
  8. Reply
  9. Reply
  10. Reply

    Some oddities in the WannaCry ransomware are puzzling cybersecurity researchers http://www.businessinsider.com/wannacry-ransomware-attack-oddities-2017-5?IR=T&r=US&IR=T

  11. Reply

    Suspect a WannaCry ransomware attack? Call this Maharashtra government helpline Last Friday, several countries across the globe saw ransomware attacks made by a virus called WannaCry http://www.hindustantimes.com/mumbai-news/suspect-a-wannacry-ransomware-attack-on-your-pc-call-this-number-to-get-help/story-imBGgf8jIO4SzVG58vXhQN.html

  12. Reply

    The WannaCry Ransomware Has a Link to Suspected North Korean Hackers https://www.wired.com/2017/05/wannacry-ransomware-link-suspected-north-korean-hackers/

  13. Reply

    Why We Shouldn’t Be Surprised If North Korea Launched the WannaCry Ransomware Cyberattack http://time.com/4781809/ransomware-attack-north-korea-wannacry/

  14. Reply
  15. Reply

    Medical Device Manufacturers Push Out Patches For WannaCry https://bitcoinwarrior.net/2017/05/medical-device-manufacturers-push-patches-wannacry/

  16. Reply

    WannaCry: Adylkuzz has potential to be far worse than ransomware attack http://www.abc.net.au/news/2017-05-18/adylkuzz-cyberattack-could-be-far-worse-than-wannacry:-expert/8537502

  17. Reply

    WannaCry’s ransom deadline is here. Should you pay? With ransomware comes a hefty price and conflict over whether you should cough up the cash. Here’s what the US government and cybersecurity experts say. https://www.cnet.com/news/the-wannacry-ransom-deadline-is-here-should-you-pay/

  18. Reply
  19. Reply

    Another Ransomware Nightmare Could Be Brewing in Ukraine https://www.wired.com/2017/05/another-ransomware-nightmare-brewing-ukraine/

  20. Reply

    In WannaCry’s Wake, a New Rapidly Spreading Ransomware Attack Appeared Today http://gizmodo.com/in-wannacrys-wake-a-new-rapidly-spreading-ransomware-a-1795385418

  21. Reply

    Hackers Are Trying to Reignite WannaCry With Nonstop Botnet Attacks https://www.wired.com/2017/05/wannacry-ransomware-ddos-attack/

  22. Reply
  23. Reply

    Worried you could be hit by WannaCry ransomware? This free tool could save your files http://www.komando.com/happening-now/401371/worried-you-could-be-hit-by-wannacry-ransomware-this-free-tool-could-save-your-files

  24. Reply

    WannaCry: What can you do to protect your business? http://www.bbc.com/news/business-39947944

  25. Reply

    WannaCry ransomware attack: Dry those tears and get back to basics The recent WannaCry ransomware attack reminds CIOs and CISOs there are no good excuses for bad security. Also in Searchlight: Google’s ‘AI-first’ agenda, net neutrality in trouble. http://searchcio.techtarget.com/news/450419229/WannaCry-ransomware-attack-Dry-those-tears-and-get-back-to-basics

  26. Reply
  27. Reply

    A security researcher claims to have created a new tool capable of restoring computers infected by WannaCry ransomware. http://www.independent.co.uk/life-style/gadgets-and-tech/news/wannacry-ransomware-infect-windows-xp-computers-tool-restore-no-paying-up-virus-nhs-adrien-guinet-a7744576.html

  28. Reply

    Security researchers have a fix for victims of the ‘WannaCry’ ransomware http://bgr.com/2017/05/19/wannacry-ransomware-fix-wannakiwi/

  29. Reply

    Windows XP hit by WannaCry ransomware? This tool could decrypt your infected files Windows XP wasn’t vulnerable to the WannaCry worm but still could be infected with the ransomware. Now there’s a tool to decrypt Windows XP machines attacked by WannaCry. http://www.zdnet.com/article/windows-xp-hit-by-wannacry-ransomware-this-tool-could-decrypt-your-infected-files/

  30. Reply

    Hackers are trying to bring the WannaCry ransomware back from the dead http://bgr.com/2017/05/20/wannacry-ransomware-windows-botnet-kill-switch/

  31. Reply

    WannaCry ransomware’s real victim: Your local corner store Six out of 10 small businesses shut down after cyberattacks. Here’s why. https://www.cnet.com/news/wannacry-ransomware-real-victim-small-business-local-corner-store/

  32. Reply

    Windows 7 PCs infected by WannaCry ransomware can be unlocked without paying Wanakiwi can decrypt Windows 7 and 2003 PCs infected with Wanna Decryptor, and possibly Vista and Server 2008 machines too. https://arstechnica.co.uk/security/2017/05/windows-7-2003-vista-wannacry-decryption/

  33. Reply

    WannaCry ransomware virus hits 19 Kenyan firms At least 19 organisations in Kenya have been affected by the WannaCry ransomware in an ongoing global hacking attack. http://indianexpress.com/article/technology/tech-news-technology/wannacry-ransomware-virus-hits-19-kenyan-firms-4665265/

  34. Reply

    Why is China home to half of the computers infected with WannaCry ransomware? https://www.hongkongfp.com/2017/05/21/china-home-half-computers-infected-wannacry-ransomware/

  35. Reply

    North Korea’s Unit 180, the cyber warfare cell that worries the West http://www.abc.net.au/news/2017-05-21/north-koreas-unit-180-cyber-warfare-cell-hacking/8545106

  36. Reply

    Medical Devices infected by WannaCry Ransomware in US hospitals According to Forbes, the dreaded WannaCry ransomware has infected medical devices in at least two hospitals in the United States. http://securityaffairs.co/wordpress/59299/breaking-news/wannacry-ransomware-hospitals.html

  37. Reply

    INSIDE THE ELITE NORTH KOREAN CYBER WARFARE CELL BEHIND THE SONY HACK: REPORT http://www.newsweek.com/north-korea-cyber-warfare-sony-hack-612997

  38. Reply

    Windows 7, not XP, was the reason last week’s WCry worm spread so widely A run-down of recent WCry developments you may have missed. https://arstechnica.com/security/2017/05/windows-7-not-xp-was-the-reason-last-weeks-wcry-worm-spread-so-widely/

  39. Reply

    Week in review: WannaCry decryptor available, stealing Windows credentials using Google Chrome https://www.helpnetsecurity.com/2017/05/21/week-review-wannacry-decryptor-available-stealing-windows-credentials-using-google-chrome/

  40. Reply
  41. Reply

    Defending Yourself – and Your Computer – From WannaCry Ransomware http://normangeestar.net/2017/05/21/defending-yourself-and-your-computer-from-wannacry-ransomware/

  42. Reply

    WannaCry Ransomware: Know How To Protect Yourself From The Unexpected Attack http://normangeestar.net/2017/05/21/wannacry-ransomware-know-how-to-protect-yourself-from-the-unexpected-attack/

  43. Reply

    Ransomware misses area, raises worries Local IT firms say: Back up, upgrade http://www.journalgazette.net/news/local/20170521/ransomware-misses-area-raises-worries

  44. Reply
  45. Reply
  46. Reply

    Cyber security leaders to assess threat landscape. More than 6,000 delegates to take part in three-day event in Dubai http://gulfnews.com/business/sectors/technology/cyber-security-leaders-to-assess-threat-landscape-1.2030328

  47. Reply

    Chinese media blame the United States of America for WannaCry ransomware cyber-attack http://clicklancashire.com/2017/05/21/chinese-media-blame-the-united-states-of-america-for.html

  48. Reply

    WannaCry good biz for cyber security firms Cyber security firm Sophos stock jumped more than 7% to set a record high http://www.business-standard.com/article/companies/wannacry-good-biz-for-cyber-security-firms-117052200068_1.html

  49. Reply

    Inside the digital heist that terrorized the world—and only made $100k https://qz.com/985093/inside-the-digital-heist-that-terrorized-the-world-and-made-less-than-100k/

  50. Reply

    UN investigators looking into North Korean sanctions are hit by ‘sustained’ cyber attack http://www.businessinsider.com/un-cyber-attack-north-korea-2017-5?IR=T&r=US&IR=T

  51. Reply
  52. Reply

    EternalRocks Worm Uses 7 Leaked NSA Hacking Tools https://www.infosecurity-magazine.com/news/eternalrocks-worm-uses-7-nsa-tools/

  53. Reply

    WannaCry started a new debate: How much safe is Cashless society? http://www.ehackingnews.com/2017/05/wannacry-started-new-debate-how-much.html

  54. Reply

    More Evidence Points to North Korea in Ransomware Attack https://www.nytimes.com/2017/05/22/technology/north-korea-ransomware-attack.html

  55. Reply

    WannaCry: Ransomware attacks show strong links to Lazarus group Similarities in code and infrastructure indicate close connection to group that was linked to Sony Pictures and Bangladesh Bank attacks https://www.symantec.com/connect/blogs/wannacry-ransomware-attacks-show-strong-links-lazarus-group

  56. Reply

    Symantec says ‘highly likely’ North Korea group behind ransomware attacks https://ca.news.yahoo.com/symantec-says-highly-likely-north-korea-group-behind-004223263–sector.html

  57. Reply

    There’s new evidence tying WCry ransomware worm to prolific hacking group Common tools, techniques, and infrastructure make link “highly likely.” (Lazarus) https://arstechnica.com/security/2017/05/theres-new-evidence-tying-wcry-ransomware-worm-to-prolific-hacking-group/

  58. Reply

    Microsoft Releases Another Surprising Windows XP Security Update (KB982316) The update is supposed to patch a known security flaw http://news.softpedia.com/news/microsoft-releases-another-surprising-windows-xp-security-update-kb982316-515938.shtml

  59. Reply
  60. Reply

    How to Prepare for the Next WannaCry Ransomware Outbreak Was a ‘Wake-Up Call,’ Says Dan Schiappa of Sophos http://www.govinfosecurity.com/interviews/how-to-prepare-for-next-wannacry-i-3593

  61. Reply

    ‘Basic’ WannaCry Could Open Door to New Ransomware Tactics https://www.infosecurity-magazine.com/news/basic-wannacry-ransomware-supremacy/

  62. Reply

    Jury Out on North Korea Link to Ransomware Attack http://www.securityweek.com/jury-out-north-korea-link-ransomware-attack

  63. Reply
  64. Reply

    NSA EsteemAudit exploit could trigger a new WannaCry-like attack http://securityaffairs.co/wordpress/59450/hacking/nsa-esteemaudit-exploit-patch.html

  65. Reply

    WannaCry Gives Consumers a First Look into Ransomware Although ransomware has been around for two years, it took the fast-moving and expansive WannaCry to provide a majority of consumers their first glimpse, according to a study released today. https://www.darkreading.com/threat-intelligence/wannacry-gives-consumers-a-first-look-into-ransomware/d/d-id/1328970

  66. Reply

    WannaCry Ransom Notes Penned by Chinese-Speaking Authors, Analysis Shows But a Chinese-language link doesn’t shoot down theories of the North Korean Lazarus Group’s involvement in the ransomware worm attacks, say language experts at Flashpoint. https://www.darkreading.com/threat-intelligence/wannacry-ransom-notes-penned-by-chinese-speaking-authors-analysis-shows/d/d-id/1328965

  67. Reply

    WannaCry Ransomware: Fake Antivirus Apps For Android Don’t Protect Against Malware Attacks http://www.ibtimes.com/wannacry-ransomware-fake-antivirus-apps-android-dont-protect-against-malware-attacks-2543719

  68. Reply

    WannaCry ‘Link’ to North Korea Remains Tenuous Avoid the Cyber Attribution Follies: Stay Skeptical; Don’t Fear the Bogeyman http://www.govinfosecurity.com/blogs/wannacry-link-to-north-korea-remains-tenuous-p-2479

  69. Reply

    Can We Ever be Prepared for the Next WannaCry? http://www.securityweek.com/can-we-ever-be-prepared-next-wannacry

  70. Reply

    New Samba Bug Dangerous But No WannaCry The administrators of the open-source Samba software have fixed a newly discovered vulnerability that lets attackers upload malicious files to vulnerable systems and servers. https://www.darkreading.com/attacks-breaches/new-samba-bug-dangerous-but-no-wannacry/d/d-id/1328975

  71. Reply

    Windows XP Under Attack with EsteemAudit Exploit Stolen from the NSA After WannaCry, here comes a second wave of attacks http://news.softpedia.com/news/windows-xp-under-attack-with-esteemaudit-exploit-stolen-from-the-nsa-516048.shtml

  72. Reply

    The Impact of WannaCry on the Ransomware Conversation http://www.securityweek.com/impact-wannacry-ransomware-conversation

  73. Reply

    Russian postal service ‘hit by WannaCry’ http://www.bbc.com/news/technology-40044251

  74. Reply

    The WannaCry scramble
    A widespread ransomware attack propagating as a worm was a legitimate cause of alarm http://www.computerworld.com/article/3198473/malware-vulnerabilities/the-wannacry-scramble.html#tk.rss_security

Leave a Reply

Your email address will not be published. Required fields are marked *