Thousands of computers around the world are falling prey to a ransomware attack called WCry, although it’s also goes by WannaCry, WanaCryptor, or several other related names. According to the BBC, there have been reports of infected computers in “more than 70 countries, including the UK, US, China, Russia, Spain, Italy, and Taiwan.”
The malware locks users out of their computers unless a ransom is paid in Bitcoin. The National Health Service has been hit in the UK, causing surgeons to cancel operations and emergency rooms to scale back. Spanish wireless carrier Telefonica has also been hit.
The root of the problem? A Microsoft Windows security vulnerability first identified by the US National Security Agency, and released last month by a group called Shadow Brokers.
Update: The WannaCrypt ransomware has been (at least temporarily) halted from causing damage, and Microsoft has taken the unusual step of releasing security updates for all users running Windows XP or newer versions of Windows, even though official support for that OS ended years ago.
Microsoft
To Microsoft’s credit, the company has already released a security update that patches the vulnerability exploited by the WCry ransomware. In fact, the patch was released before the Shadow Brokers published their report.
The problem is that some users are slow to install updates… particularly large corporate or government networks. Microsoft even provides tools that make it easier for those customers to pause or delay updates.
So there are probably millions of vulnerable computers, and we already know that tens of thousands have been affected.
Today’s ransomware attack is a good reminder of two things:
- You should always try to stay up to date on security updates for your computer and other devices.
- This is what can happen when government agencies like the NSA (or CIA) stockpile known security vulnerabilities rather than making them known to the affected parties so that patches can be released before any damage is done.
To that latter point, if the NSA had let Microsoft know about the flaw as soon as it was discovered, there’s a better chance that many of the computers being infected today could have been protected against the ransomware attack.
And even if Shadow Brokers hadn’t released the NSA’s hacking tools, the vulnerability still existed and it could have been discovered by someone working independently.
Sure, government spy and law enforcement agencies need to be able to conduct covert investigations. But today we’re seeing one of the possible outcomes of keeping a private library of security exploits to do that: innocent people end up paying the price.
Innocent people always pay the price. At least it’s their data, not their lives this time.
You mean well but this ransomware is affecting medical care providers.
Exactly. This has caused mayhem here, especially as the NHS has a lot of legacy software – a lot of it written in ActiveX on windows xp systems. Hardening those was always going to be tough, but not helped when vulnerabilities aren’t disclosed to software vendors!
Did you read the article?
“Innocent people always pay the price.”-
The result of the systems principle.Governments main purpose was intended to protect its highest authority “the people”. Now it just approves for itself ways to use the people unencumbered as a consumable resource. The ultimate penalty of consumerism is how it inevitably brings about its own demise.
“Today’s ransomware attack is a good reminder of two things”
It is also a reminder that people and organisations who run BSD or GNU/Linux systems do not suffer from these Windoze-exploit criminal attacks
That’s right, they suffer from BSD or GNU/Linux exploit criminal attacks because they’re not Windows.
It doesn’t make any sense such affirmation. Having an Android phone using the Linux kernel in your pocket doesn’t make you a criminal.
You don’t seem to have understood this comment thread. Please read it again.
Complete nonsense, this exploit was developed by the NSA and targets the ancient SMB v1.0 protocol (which has it’s roots in IBM OS/2!), any linux OS is just as vulnerable to such an organization and legacy software.
SMB 1.0 was depreciated a long time ago and replaced with much more secure versions but lazy companies and institutions refuse to update their software, hardly Windows or Microsofts fault.
Staged by banksters.