Companies Victimized By WannaCry Ransomware Could Be Sued For Negligence

The malware spread quickly on Friday, with medical staff in the United Kingdom reportedly seeing computers go down "one by one". What was going on?

Then you may want to consider a service contract from a local company such as SofTech They have an annual computer maintenance plan that covers any and all in-store computer repairs whenever you need it, for one yearly fee. The malware was first detected in March and publicly reported stolen from the NSA a month later.

Most alarming, WannaCry did not spread across networks in the usual way, through people clicking on email attachments. "Until hundreds of thousands of unpatched Windows systems have been updated, a WannaCry 2.0 campaign could effectively pick up where Friday's attack left off", he wrote.

The massive ransomware campaign specifically targeted the healthcare industry.

WannaCrypt exploits a very specific hole in Windows called Server Message Block connections. If these companies are found guilty of being negligent on their security updates, they could be in a lot of trouble.

But, as the world grapples to overcome the effect of "WannaCry", and even though it has even managed to halt its spread, the ransomware has evolved into numerous new variants over the weekend.

Defending them will not get easier but properly using the tools already available will make life more hard for the bad guys and give your organisation the best chance of recovering fast if you do become a victim.

This is obvious, given that WannaCry is nothing new, thematically.

French automaker Renault and its partner, Nissan, say their plants were hit by the attack, NBC reports.

As with the NSA's EternalBlue, the tool on which WannaCry was based, EsteeMaudit exploits a vulnerability in Microsoft's Windows software in the way in which networked machines communicate with each other.

Siemens and Bayer were not alone in providing disclosures regarding potential WannaCry vulnerabilities. Microsoft did issue patches for the vulnerabilities before the attacks took place, but not everyone downloaded them.

Sean Pike, program VP in the security products group at IDC, a tech industry research provider, pointed that everyone has been a bit numb to attacks because it is something they hear so much about now and Microsoft benefits from that.

He highlighted that the government had invested £50 million in supporting NHS IT networks during its last strategic defense and security review, and insisted that individual trusts were well-equipped to ensure they could protect themselves against cyber-attack.

Microsoft and its peers shouldn't count on the NSA to hand over information about vulnerabilities; spies will be spies. These civilian systems, however, will always lag behind - and that's why the NSA thinks old Windows vulnerabilities are worth hoarding. Most of the defense against such attacks comes in its prevention. The other weakness is that it attacked computers with Windows XP, not the newer Windows 7 or Windows 10.

Last week, one of the largest cyber security attacks of recent times affected over 300,000 Windows systems worldwide with WannaCry or WannaCrypt ransomware - a malware which exploits a Windows bug and gains access to the system, locking the crucial files. Those who hadn't installed those patches before the "WannaCry" outbreak now have another reminder of how crucial it is to stay up-to-date. But is the public sector really any worse than the private sector at keeping its IT security up to date and avoiding cybercrime?

You must install a fix released by Microsoft to prevent further infections and propagation. The initial attack had started after many offices had closed Friday.


Popular

CONNECT