Amakuru y’ikoranabuhanga

Accueil > technews > cyber security > Businesses urged to apply Windows patch to avert WannaCry attacks

Businesses urged to apply Windows patch to avert WannaCry attacks

mardi 16 mai 2017, par billy

Security advisers are urging organisations to patch their Windows systems to avert a possible second wave of an unprecedented, indiscriminate ransomware attack.

More than 200,000 computers in 150 countries are believed to have been hit by Wanna Cry ransomware that encrypts data and demands payment for its release since the campaign started on 12 May 2017.

On 15 May 2017, the UK National Crime Agency (NCA) said in a tweet : "We haven’t seen a second spike in WannaCry ransomware attacks, but that doesn’t mean there won’t be one."

The NCA said victims of cyber crime should report directly to ActionFraud and should not pay the ransom demand.

Analysis of three accounts linked to the ransom demands indicate that only about $38,000 had been paid by in the first three days of the attack, according to the BBC.
In England, 48 National Health Service (NHS) trusts reported problems at hospitals, GP surgeries or pharmacies. In Scotland, 13 NHS organisations in Scotland were affected.

Internationally, Germany’s rail network Deutsche Bahn, Spanish telecommunications operator Telefonica, US logistics giant FedEx and Russia’s interior ministry were hit by the ransomware.

According to Kaspersky Lab, WannaCry infections were also detected in Australia, India and several countries in Africa and South America.

UK parliamentary workers and MPs were advised not to use non-Parliamentary email services on Microsoft Windows parliamentary IT equipment at the weekend. They were also told to avoid using Gmail, Yahoo mail and other personal email services on parliamentary equipment operating Microsoft Windows and “exercise caution” when opening email on personal devices.

Europol director Rob Wainwright and security advisors have warned of a possible second wave of the attack after a new variant of the malware was identified that has been modified to be immune to a temporary fix that was used by volunteers to slow down the spread of the ransomware late on Friday.

A UK security researcher known only as “MalwareTech” was among those who helped to limit the first wave of attacks by buying the domain used by the command and control (C2) server for the malware.

This slowed the attack and enabled MalwareTech, who wants to remain anonymous, to find a kill switch for the ransomware.

“The kill switch wasn’t discovered until about three hours after we’d bought the domain which had already killed all subsequent infections,” the researcher told Sky News. “From what I can see, it killed every infection that contacted our C2.”

Un message, un commentaire ?

modération a priori

Ce forum est modéré a priori : votre contribution n’apparaîtra qu’après avoir été validée par un administrateur du site.

Qui êtes-vous ?
Votre message

Pour créer des paragraphes, laissez simplement des lignes vides.