« | Home | Recent Comments | Categories | »

74 countries hit by NSA-powered WannaCrypt ransomware backdoor: Emergency fixes emitted by Microsoft for WinXP+

Posted on May 13th, 2017 at 23:24 by John Sinteur in category: News -- Write a comment

[Quote:]

The WannaCrypt ransomware worm, aka WanaCrypt or Wcry, today exploded across 74 countries, infecting hospitals, businesses including Fedex, rail stations, universities, at least one national telco, and more organizations.

In response, Microsoft has released emergency security patches to defend against the malware for unsupported versions of Windows, such as XP and Server 2003, as well as modern builds.

To recap, WannaCrypt is installed on vulnerable Windows computers by a worm that spreads across networks by exploiting a vulnerability in Microsoft’s SMB file-sharing services. It specifically abuses a bug designated MS17-010 that Redmond patched in March for modern versions of Windows, and today for legacy versions – all remaining unpatched systems are therefore vulnerable and can be attacked.

This bug was, once upon a time, exploited by the NSA to hijack and spy on its targets. Its internal tool to do this, codenamed Eternalblue, was stolen from the agency, and leaked online in April – putting this US government cyber-weapon into the hands of any willing miscreant. Almost immediately, it was used to hijack thousands of machines on the internet.

Now someone has taken that tool and strapped it to ransomware: the result is a variant of WannaCrypt, which spreads via SMB and, after landing on a computer, encrypts as many files as it can find. It charges $300 or $600 in Bitcoin to restore the documents. It is adept at bringing offices and homes to a halt by locking away their data.

So. Need another example why it’s a bad idea for three-letter agencies to hoard zero days?

  1. [Quote:]

    This is what I called short sighted finite thinking on the part of the Intelligence Community managers.

    This is also what I called (for some years now) a swindle of the tax payers. First, they find or create weaknesses then they don’t fix these weaknesses so we are all vulnerable to attack.

    Then, when attacks occur, they say they need more money for cyber security — a total swindle!!! [Indeed.]

    This is only the second swindle of the public. The first was terror efforts by saying we need to collect everything to stop terror — another lie. They said that because to collect everything takes lots and lots of money.

    Then, when the terror attack occurs, they say they need more money, people and data to stop terror. Another swindle from the start. [The war on terror is a “self-licking ice cream cone”, because it creates many more terrorists than it stops.]

    And, finally, the latest swindle “THE RUSSIANS DID IT.” This is an effort to start a new cold war which means another bigger swindle of US tax payers.

    For cyber security, I would suggest the president order NSA, CIA and any others to fix the cyber problems they know about; then, maybe we will start to have some cyber security.

previous post: We overanalyze Trump. He is what he appears to be

next post: Emergency alert!