Welcome to WebmasterWorld Guest from 54.198.118.102

Forum Moderators: bill

Featured Home Page Discussion

WannaCrypt ransomware backdoor: Emergency fixes emitted by Microsoft

     
9:14 pm on May 14, 2017 (gmt 0)

Senior Member from US 

WebmasterWorld Senior Member tangor is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Nov 29, 2005
posts:7507
votes: 505


The WannaCrypt ransomware worm, aka WanaCrypt or Wcry, today exploded across 74 countries, infecting hospitals, businesses including Fedex, rail stations, universities, at least one national telco, and more organizations.

In response, Microsoft has released emergency security patches to defend against the malware for unsupported versions of Windows, such as XP and Server 2003, as well as modern builds.

[theregister.co.uk...]

Patch/update your installs NOW.
9:27 pm on May 14, 2017 (gmt 0)

Moderator from US 

WebmasterWorld Administrator keyplyr is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Sept 26, 2001
posts:8341
votes: 339


Related discussion: [webmasterworld.com...]
10:14 pm on May 14, 2017 (gmt 0)

Senior Member from US 

WebmasterWorld Senior Member tangor is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Nov 29, 2005
posts:7507
votes: 505


Yup, that's related, this just announces the PATCH by MS and patch it right now. :)
10:16 pm on May 14, 2017 (gmt 0)

Senior Member from US 

WebmasterWorld Senior Member tangor is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Nov 29, 2005
posts:7507
votes: 505


All of these are related to the leak of NSA cyber tools leaked by that wiki thingie sometime back.
10:16 pm on May 14, 2017 (gmt 0)

Senior Member from US 

WebmasterWorld Senior Member tangor is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Nov 29, 2005
posts:7507
votes: 505


And this one hit 74 countries at the same time. Whew!
3:18 pm on May 15, 2017 (gmt 0)

Administrator from GB 

WebmasterWorld Administrator engine is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month Best Post Of The Month

joined:May 9, 2000
posts:24156
votes: 522



System: The following message was spliced on to this thread from: https://www.webmasterworld.com/website_security_webmasters/4849387.htm [webmasterworld.com] by engine - 4:35 pm on May 15, 2017


Microsoft has called for collective action over the WannaCrypt cyberattack [webmasterworld.com] which took place in the last few days.
It says that the exploits were taken from the U.S. National Security Agency, or NSA, and Microsoft had already patched the newer systems, however, many of these systems hit appear to be unpatched.

Microsoft has said it's also taken the decision to provide assistance to users of older systems, and is issuing patches that immunize Windows XP, 8, and Server 2003.

this attack demonstrates the degree to which cybersecurity has become a shared responsibility between tech companies and customers. The fact that so many computers remained vulnerable two months after the release of a patch illustrates this aspect. As cybercriminals become more sophisticated, there is simply no way for customers to protect themselves against threats unless they update their systems. Otherwise theyíre literally fighting the problems of the present with tools from the past. This attack is a powerful reminder that information technology basics like keeping computers current and patched are a high responsibility for everyone, and itís something every top executive should support. Microsoft Calls For Collective Action Over WannaCrypt Cyberattack [blogs.microsoft.com]
this attack provides yet another example of why the stockpiling of vulnerabilities by governments is such a problem. This is an emerging pattern in 2017.
We should take from this recent attack a renewed determination for more urgent collective action. We need the tech sector, customers, and governments to work together to protect against cybersecurity attacks. More action is needed, and itís needed now. In this sense, the WannaCrypt attack is a wake-up call for all of us.


Of course, backups, backups, backups.
10:56 am on May 16, 2017 (gmt 0)

Preferred Member

10+ Year Member Top Contributors Of The Month

joined:July 23, 2004
posts:500
votes: 41


Of course, backups, backups, backups.


... and be sure that your backups cannot be accessed directly via your local network -- If you can access your backups directly from your network, it would be as if you never created any backups at all, because the worm will infect those too.
11:14 am on May 16, 2017 (gmt 0)

Moderator from US 

WebmasterWorld Administrator keyplyr is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Sept 26, 2001
posts:8341
votes: 339


and be sure that your backups cannot be accessed directly via your local network
I've met several people that leave their extetnal SSD plugged into their computer. I think unmounting the drive scares them.
2:26 pm on May 17, 2017 (gmt 0)

Preferred Member

10+ Year Member Top Contributors Of The Month

joined:July 23, 2004
posts:500
votes: 41


This attack is a powerful reminder that information technology basics like keeping computers current and patched are a high responsibility for everyone,


Sure, like providing a patch for XP -- Irresponsibility is allowing dated systems to exist in the first place -- Though XP is still being supported in many cases, grocery stores and various government applications still use it on a regular basis, you would think that Microsoft would write in a kill switch for systems they no longer support - That would eliminate quite a few boxes that don't care about security at all ... just sayin'
3:08 pm on May 17, 2017 (gmt 0)

Administrator from GB 

WebmasterWorld Administrator engine is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month Best Post Of The Month

joined:May 9, 2000
posts:24156
votes: 522


As i understand it, mcneely, some larger businesses pay Microsoft to support their systems, even on publicly-out-of-date operating systems.

The biggest problem with this WannaCrypt attack is that people didn't update their systems in a timely fashion.

Yes, backups off the network, and off site can play a valuable role in recovering systems from such malware, whatever the operating system, and it's been part of my routine for over twenty five years. Fire, theft and now malware are part of my disaster recovery document.
12:43 am on May 20, 2017 (gmt 0)

Moderator from US 

WebmasterWorld Administrator keyplyr is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Sept 26, 2001
posts:8341
votes: 339


I received an email from my home owner's insurance carrier offering a new add-on "Cyber Insurance" which seemed tailor made for situations like this. Some of the coverage was for recovering data, ransome costs, loss of income, etc.

Anyone else?
12:32 am on May 21, 2017 (gmt 0)

Senior Member from US 

WebmasterWorld Senior Member tangor is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Nov 29, 2005
posts:7507
votes: 505


I haven't seen that, but where there's a risk market there's probably someone willing to insure it.
8:21 pm on May 21, 2017 (gmt 0)

Moderator from US 

WebmasterWorld Administrator keyplyr is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Sept 26, 2001
posts:8341
votes: 339


Also, I just saw an advertiser with a dynamic colorful ad "Don't Get Held Hostage by Ransomware... Get Your Free Ransomware Toolkit"
 

Join The Conversation

Moderators and Top Contributors

Hot Threads This Week

Featured Threads

Free SEO Tools

Hire Expert Members