US security agency should take some blame for ransomware attack: Chinese media

Posted May 19, 2017

In light of the recent WannaCry ransomware attacks on a few Maharashtra government office computers, the state has come up with helpline numbers for a few days to guide organisations and institutions prevent and remedy such such cyber attacks, if any.

One theory suggested that 90 percent of NHS trusts across the United Kingdom were using Microsoft's 16-year-old OS Windows XP, which could leave them susceptible to attacks.

Once the computer's data has been encrypted, or locked down, a message would appear saying that the users' files are no longer accessible. To do all this, the software exploits a vulnerability in Microsoft Windows that is thought to have been first identified by the National Security Agency and was later leaked online.

The problem comes with using old versions of Windows or not taking the update patches that Microsoft puts out. Brad Smith, Microsoft's top lawyer, criticized USA intelligence agencies for "stockpiling" software code that can be used by hackers.

There are over 2.2 lakh ATMs in India, of which many old ones run on Windows XP.

In response, then life sciences minister George Freeman said: "We are working with suppliers, including Microsoft, to help health and care organisations update their systems and make sure they are safe to use and store data". Windows computers that are not up to date on security updates from Microsoft are vulnerable to infection. "When you click on anything, a pop-up window opens where the attacker asks for more ransom to decrypt files". But many corporations don't automatically update their systems, because Windows updates can screw up their legacy software programs.

According to the report, "the high price highlights the quandary the world's biggest software company faces as it tries to force customers to move to newer and more secure software, while at the same time earning a profit from the army of engineers it employs on security issues".

Then there's the USA government, whose Windows hacking tools were leaked to the internet and got into the hands of cybercriminals.

"The governments of the world should treat this attack as a wake-up call".

In related news, researchers say that they found digital clues that suggest that North Korean hackers may be responsible for the WannaCry campaign. The "WannaCry" ransomware swiftly spread across 200,000 computers in 150 countries, causing Microsoft to issue an emergency patch for those still running outdated Windows XP systems.