Global ransomware attack used info stolen from NSA, says Microsoft

Global ransomware attack used info stolen from NSA, says Microsoft

WannaCry is a ransomware virus that holds computers hostage until the user meets the demands. The computer screen locks up, and displays two count-down clocks - one displaying the time until the ransom doubles and the other the time until all files are deleted. The total amount of money paid to the anonymous bitcoin wallets used by hackers was only $55,169 from 209 payments, according to Reuters based on its estimates using publicly available data.

Ultimately, "Microsoft will take a lot of heat for this, but in this instance, they performed as rapidly as they could, they have a right to be [angry]".

A hacker group - known as Shadow Brokers - obtained an arsenal of cyber warfare tools in April from the NSA, of which the USA agency called "Eternal Blue".

According to a leading news agency, the group promised in a blog published on Tuesday to release similar tools every month from June to anyone willing to pay for them for access to the tech world's biggest secrets. "Software updates and security patches are pushed to us as needed so that we are using the most current approved versions of software on our computers".

He stressed that consumers also have a pivotal role and must not be complacent.

Microsoft said the vulnerability doesn't exist within the latest version of Windows 10, but if you have an earlier version of Windows, you are encouraged to download the latest update on Microsoft's website.

"This attack has reportedly infected more than 200,000 computers, including hospitals, businesses, and government facilities across the globe". In fact, some hospitals in the United Kingdom were forced to shut down in the wake of the attack.

Among the organisations targeted worldwide have been Germany's rail network Deutsche Bahn, Spanish telecommunications operator Telefonica, US logistics giant FedEx and Russia's interior ministry.

Lots of users, particularly those who are overseas, don't use automatic updates and leave their systems vulnerable, he said. Called WannaCry or WannaCrypt, the ransomware program is spread by taking advantage of a Windows vulnerability that Microsoft released a security patch for in March. They often spend months evaluating how these updates will affect their systems and finding fixes.

Once it's in, WannaCry ransomware begins its insidious work by anonymizing communications with the attacker's servers (hiding their names and locations). Bad guys generally target Windows far more than Apple's operating system because there are vastly more computers running Windows around the world. For Microsoft, that makes it an uncomfortable reminder of how devastating even one software vulnerability can be. Note this means that the backup can't be on your computer but should be in the cloud or on an external hard drive.

Cyber experts on Tuesday said the Indian banking system could be the next victim of the WannaCry "ransomware" cyber attack, ANI reported. Everything remains secretive until hackers hacked the NSA.

Microsoft ended up distributing the free patch for the older versions on Friday - the day the ransomware was detected.

Digital Trends Senior Editor Matt Smith told KOIN 6 News these types of attacks can be devastating.