Wannacry: worst ransome attack ever, who is to blame?

A nasty strain of ransomware spread across the world on 12 May, infecting networks in more than 100 countries including the UK, where 40 NHS organisations including hospitals and GP surgeries were forced to go offline and cancel appointments. It’s been called, by Avast and others, the worst ransomware outbreak in history. The WannaCry ransomware, also known as WannaCrypt and Wanna Decryptor, locked down PCs by encrypting files, showing a message demanding $300(about £232) in Bitcoin within three days or the data would disappear forever. The ransomware appeared to infect Windows computers via a vulnerability that was hoarded and then leaked by the American National Security Agency. Many reports also pointed out that NHS computers running Windows XP, which hasn’t received security updates from Microsoft for more than three years were particularly vulnerable to infection. The rapid spread of WannaCry was at least temporarily halted by a 22-year-old British security researcher, who noticed the ransomware was contacting a website before infecting computers. That website didn’t actually exist, so the researcher registered the domain –and this turned out to be a built-in ‘kill switch’. The ransomware saw the domain appear, and stopped spreading. That doesn’t mean WannaCry is dead, simply that this version of the threat has been paused for the moment, at least. WannaCry spread across the globe, wreaking havoc in more than 100 countries

How can it be avoided?

If you’re running Windows XP, it’s well past time to upgrade –either get a new PC or update to Windows 7 at the very least. If you’re running any other version of Windows, make sure the OS is up to date by checking your Windows Update status in ‘System and Security’. Going forward, make sure you have Automatic Updates switched on. they may be annoying, but they’ll help keep you protected from such attacks. Also make sure you have backups of all key data, so you can still access your files if you’re infected by ransomware.
As Ever, help your less tech-savvy friends and family by making sure they’re running an up-to-date operating system and software, and that they too have backups of essential files. And remember the key rule: never open an email attachment or click a link in a message from an unknown sender.

Who’s to blame for the attack?

Initial evidence suggests that the hackers were based in North Korea, and are believed to be the Lazarus Group. the same criminals behind the attack against Sony Pictures in 2014. But many experts are also blaming Microsoft for failing to provide security for patches for Windows XP unless users pay a fee. Microsoft has since issued a patch for Windows XP, but this came months after the fixes for newer versions of the OS. Some pin the blame on poor funding for the NHS, while others note that Microsoft did in fact roll out patches for most versions of Windows, but some people –be they individuals or organisations –didn’t bother to install them. And then there’s the NSA,which knew about the very serious vulnerabilities in Windows, but didn’t tell Microsoft because it wanted to use the holes in the code for its own purposes. However, the weaponised flaws were leaked, and ended up in hackers’ hands. Will there be more attacks? Do You really need to ask? Of course there will. this is the second time the hackers have used WannaCry in such an attack and it was hugely successful, so why should they stop? And if the existing vulnerabilities are fixed, the criminals can simply find new flaws to poke their way in. Even if the WannaCry hackers are caught and jailed, there are plenty of other criminals out there running ransomware campaigns, and such attacks have risen steadily over recent years.

What do we think?(web user magazine)

we depend on a bit of a pass. But that’s no excuse for the rest of us. many organisations that don’t suffer the limited funds and IT support of the NHS were also hit by the ransomware, including Telefonica, Renault and FedEx, so it’s not only about money and perceived technical knowledge. Installing updates can be annoying, but it’s much worse to be hit by ransomware, and even more serious to be one of those who helped it spread. This incident has made the repercussions of such hacks clear, while the hackers made only tens of thousands of dollars from the attack, many people will have lost key work and personal files, and hospitals had to postpone operations and important treatment, and turn away ambulances. WannaCry proves that digital security can have a serious offline impact. let’s sort this out before people lose their lives. The extent and speed of this hack highlights how bad we all are at prioritising security. We all know we need to keep our operating systems and software updated, run decent antivirus and backup our data, yet major organisations failed to do so. We hope Microsoft will do all it can to ensure that poorly funded but essential organisations such as the NHS get as much free help as possible. The company makes enough profit from the people to give hospitals and others