After the massive WannaCry attack, Microsoft condemns spy agencies
Microsoft chastised intelligence agencies for their participation in the WannaCry virus, which devastated hundreds of thousands of systems across the globe, comparing the loss of the NSA hacking tools that made it possible to “the United States military having some of its Tomahawk missiles stolen.”
In doing so, Microsoft questioned the government’s habit of storing zero-day vulnerabilities, a kind of malware that may have disastrous implications if it falls into the wrong hands.
What was WannaCry’s asking price?
The ransom demand was insignificant by today’s standards. Only $300 per infected device, with the fee increasing to $600 if not paid after three days. Because the transactions are logged on the blockchain, it is possible to know how many payments were made. If you really need money now to pay the asking price, then you may apply for a loan. It is for emergency use only.
A Call to Action
In a sharply worded business blog post, Microsoft president Brad Smith stated, “This assault gives yet another illustration of why governments collecting vulnerabilities is such a concern.”
“We’ve seen CIA vulnerabilities appear on Wikileaks, and now a weakness stolen from the National Security Agency has impacted clients all across the globe.” Exploits in the hands of governments have often spilled into the public sphere, causing widespread harm.”
He went on to say that the current ransomware assault should serve as a “wake-up call” to governments all over the globe, reminding them that they must “adhere in cyberspace to the same norms that apply to weapons in the real world.” Smith, also Microsoft’s chief legal officer, used the opportunity to renew his plea for a Digital Geneva Convention on cyber warfare, which he first proposed in February at the RSA security conference.
“The time has come for the world’s countries to join together, reinforce international cybersecurity standards that have formed in recent years, create new and enforceable laws, and get to work implementing them,” he said at the time.
To protect civilian internet use, Microsoft’s proposed Digital Geneva Convention would require governments to report vulnerabilities to vendors rather than stockpile, sell, or exploit (or lose) them, similar to how the Fourth Geneva Convention provided a set of rules governing the treatment of civilians in wartime following World War Two.
WannaCry was a ransomware attack that spread over the internet.
Last Friday, the WannaCry ransomware outbreak (also known as WannaCrypt, Wana Decryptor, or WCry) started in the United Kingdom and Spain and quickly expanded to dozens of other countries. WannaCry uses an NSA-created vulnerability nicknamed “EternalBlue,” which was disclosed together with other NSA hacking tools by the Shadow Brokers in April. It uses a flaw in Windows software to lock down victims’ files, then presents them with a ransom letter demanding $300 or $600 in Bitcoin in return for access to be released.
It’s worth mentioning that Microsoft released a security fix for this same flaw in March. On the other hand, thousands of users failed to upgrade their systems promptly.
The capacity of WannaCry to seek out weak devices and disseminate itself inside a computer network like a worm, along with users’ and businesses’ casual attitude toward security, prepared the stage for Friday’s hack to grow and expand at an unprecedented scale.
WannaCry has infected at least 300,000 computers as of last count, devastating hospitals, transportation networks, and government organizations in over 150 nations.
FedEx, Russia’s interior ministry, Telefonica, a prominent Spanish telecoms operator, and the UK National Health Service are high-profile victims.
WannaCry lingers in Europe and continues to hit new targets in Japan and China, where the popularity of pirated Windows software has left computers especially vulnerable, according to NPR.
While its advance slowed significantly over the weekend due to a happy accident (detailed below), WannaCry lingers in Europe and continues to hit new targets in Japan and China, where the popularity of pirated Windows software has left computers especially vulnerable.
Despite its worrying spread, WannaCry has proved to be ineffective at obtaining ransom money and poorly constructed. According to Wired, the hackers have so far collected an estimated $55,000 — a pittance in comparison to the worldwide magnitude of their internet-shattering onslaught – owing to flaws in WannaCry’s ransom capabilities.
Another unexplained blunder by the hackers was the inclusion of an Achilles heel in their code, which was accidentally activated by a researcher named MalwareTech. MalwareTech discovered when reverse-engineering WannaCry that the ransomware was intended to ping a specific gibberish URL to see whether it was running.
He paid roughly $10 to register that domain name, which immediately impacted deactivating the WannaCry strain and saving tens of thousands of PCs. Because of the inefficiencies above, several security experts are asking whether the WannaCry hackers were motivated by political goals (such as humiliating the NSA) rather than monetary gain. However, WannaCry’s ability to self-propagate implies that such assaults will become more common in the future, maybe spurred by more skilled cybercriminals looking for a greater reward.
As expected by security experts, WannaCry has already spawned a slew of copycats. On Monday, Check Point, a cybersecurity company, disclosed the identity of a new WannaCry version that was spreading at a pace of around one machine per second. Thankfully, that variation also included a similar built-in “kill switch” that Check Point could engage in terminating.