Microsoft to NSA: WannaCry is your fault

Ensuring that your Windows operating system is up to date with the most recent security and software updates, which patch any holes and vulnerabilities in the software, makes it much more hard for a hacker to infiltrate your system and networks.

Information about the existence of the security flaw was purportedly contained in a U.S. National Security Agency toolkit that was inadvertently discovered. It urged all banks in the country to take precautions against the ransomware. “However, according to experts at Norton, in 2016 only 47 percent of victims who paid ransoms recovered their data”. “Microsoft can’t be proud”.

Individual users are the linchpin in cybersecurity and have a key role to play in their own cybersecurity. Here’s what you need to know about the WannaCry attack that hit thousands of organizations in over 100 countries around the world, including the National Health Service (NHS) in the United Kingdom. Experts say this vulnerability has been understood among experts for months, yet too many groups failed to take it seriously. In March, thousands of leaked Central Intelligence Agency documents exposed vulnerabilities in smartphones, televisions and software built by Apple, Google and Samsung Electronics.

“This attack provides yet another example of why the stockpiling of vulnerabilities by governments is such a problem”, Brad Smith, Microsoft president and chief legal officer, wrote in a blog post Sunday. Also, over the weekend, Microsoft issued a patch for the unsupported OSes.

For many years cyber security has been one of the major frictions in bilateral relations between China and the USA, with Washington often pointing an accusing finger at Beijing, claiming it is engaged in state-sponsored cyber espionage, although it has offered no credible evidence to support its accusation.

Microsoft is to be lauded for its swift action in coming up with a patch for the older OSes, and it is to be hoped that this experience will provoke a rethink about support levels for what it may see as dinosaurs, but in practical terms are still far from extinct. “We are in touch with the original equipment manufacturers for the patches that may be required to be rolled out on the ATMs running on Windows XP and Windows 7, to make them additionally secure”, said Radha Rama Dorai (Country Head – ATM & Allied Services), FIS, a financial technology provider. “We reached out to everyone on Saturday, majority personally on the telephone itself so that they can kickstart their operations on Saturday and complete it on Sunday”.

In addition to the UK’s NHS, the WannaCrypt ransomware also hit Spain’s Telefonica telco and other companies in Russia, Spain, Taiwan and Ukraine, according to the security firm Malwarebytes. He noted, however, the complexity that can be involved in patching a security hole. In some cases, it was individuals and also few private firms. People probably downloaded it from e-mail and allowed it to spread.

You should make multiple backups – to cloud services and using physical disk drives, at regular and frequent intervals.

“It’s not rocket science”, Litan said.

If you had any version of Windows since Vista running the default Windows Update, you would have had the critical Microsoft Security Bulletin known as “MS17-010” pushed down to your PC and automatically installed.

They exploited a flawless storm of factors – the Windows hole, the ability to get ransom paid in digital currency, poor security practices – but it’s unclear if the payoff, at least so far, was worth the trouble.