1. Home
  2. Ransomware threat: Get patched, find a firewall or upgrade fast

Ransomware threat: Get patched, find a firewall or upgrade fast

[email protected] (Agencies)
May 15, 2017

New Delhi, May 15: It was coming. On March 14 this year, Microsoft released a security update which addressed the vulnerability in the 16-year-old Windows XP operating system that the hackers behind the massive ransomware attack exploited and created havoc in 150 countries.

wannacry

The vulnerability in the Microsoft Windows software — exploited by “WannaCrypt” — crippled computers from hospitals in Britain to police stations in India, with hackers demanding hundreds of dollars from the users for them to regain control over their data.

Once Microsoft released the patch for the vulnerability — exploited by hacker group “Shadow Brokers” after stealing a software from the US National Security Agency (NSA) — some Window XP users installed the update called “Microsoft Security Bulletin MS17-010” on their desktops and laptops.

But several didn"t.

There are nearly 150 million computers running Windows XP operation system globally. Those who didn"t pay heed to the Windows XP patch are the ones who have fallen prey to the world"s biggest ransomware attack.

Microsoft which had discontiued security updates to its out-of-date software, has also provided a security update for all customers using Windows 8 and Windows Server 2003, anticipating further attacks on these earlier platforms being used by millions.

According to the company, “customers who are running supported versions of the operating system (Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows 8.1, Windows Server 2012, Windows 10, Windows Server 2012 R2, Windows Server 2016) will have received the security update MS17-010 in March.

“If customers have automatic updates enabled or have installed the update, they are protected. For other customers, we encourage them to install the update as soon as possible,” said Phillip Misner, Principal Security Group Manager, Microsoft Security Response Centre, in a statement.

Meanwhile, “WannaCrypt” locked up machines, encrypted files and demanded approximately $600 in Bitcoin for a recovery key.

According to global cyber security firms, paying heed to updates can only save your data from being put to ransom.

“Install the official patch from Microsoft that closes the vulnerability used in the attack. Ensure that security solutions are switched on all nodes of the network. If Kaspersky Lab"s solution is used, ensure that it includes the "System Watcher", a behavioural proactive detection component and that it is switched on,” Altaf Halde, Managing Director of Kaspersky Lab (South Asia), told.

“Run the "Critical Area Scan" task in Kaspersky Lab"s solution to detect possible infection as soon as possible (otherwise it will be detected automatically, if not switched off, within 24 hours),” he added.

According to Subhendu Sahu, Acting Country Manager for India, FireEye, the ransomware poses high risks to organisations using potentially vulnerable Windows machines.

“We can certainly expect follow-on attacks. Organisations seeking to take risk management steps related to this campaign should install the latest Windows patches. They should also use the indicators of compromise which are associated with this activity. FireEye has also taken steps to help secure its customers,” Sahu told.

As investigators were working to track down those responsible for the ransomware attack, Microsoft President and Chief Legal Officer Brad Smith said the governments should treat this attack as a “wake-up call”.

The news led software security providers to ramp up anti-malware software.

“Upon learning of these incidents, McAfee quickly began working to analyse samples of the ransomware and develop mitigation guidance and detection updates for its customers. McAfee has subsequently provided DAT (that contain data in text or binary format) updates to all its customers and provided them and the public further analysis on the attacks,” Ian Yip, Chief Technology Officer, Asia Pacific, McAfee, told.

If you are a home Windows XP user, patch immediately follow up with an upgrade. If you are running a vulnerable system and cannot install the patch for some reason, try doing the following:

“Disable SMBv1 (a server component) with the steps documented at "Microsoft Knowledge Base Article 2696547" and as recommended previously. Consider adding a rule on your router or firewall to block incoming Server Message Block (SMB) traffic on port 445,” said a report in the technology website Engadget.

“This is big and set to get bigger. We haven"t seen anything like this since Conficker in 2008,” Amit Nath, Head of Asia Pacific-Corporate Business at cyber security firm F-Secure Corporation, told IANS.

The Conficker worm infected millions of computers including government, business and home computers in over 190 countries.
Always make sure your files are backed up.

“That way, if they become compromised in a ransomware attack, you can wipe your disk drive clean and restore the data from the backup. Using Cloud storage with anti-virus scanning abilities to share files will help users to mitigate any possible threats,” suggested Anand Ramamoorthy, Managing Director, South Asia, McAfee.

Remember this: “WannaCrypt” probably won"t work across the internet for PCs behind a firewall or router.

“But if a server is connected directly to the internet or a PC is on the same network as an infected computer, it can spread quickly — which is exactly what has happened,” the Engadget report added.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
Agencies
July 9,2020

Twitter has hinted that it is planning a paid subscription platform that can be reused by other teams in the future.

The news that the micro-blogging platform is building a subscription platform with a team codenamed "Gryphon" resulted in Twitter stock rising over 8% on Wednesday.

Twitter revealed its plan via a job listing that seeks a full-stack senior software engineer in New York to join "Gryphon".

Interestingly, Twitter "edited" the job listing once the news broke, removing the part about "Gryphon" and any mention of their internal team or their subscription feature. The listing said the company is looking for an Android engineer to "work on a bevy of backend engineering teams to build components that allow for experimentation to deliver the best experience possible to all of our users".

Later, Twitter users noticed that the company restored the earlier job listing that mentioned the upcoming subscription platform and "Gryphon".

A spokesperson for Twitter told CNN on Wednesday that it's only a job posting, not a product announcement.

This is not the first time Twitter has thought of a paid product. 

In 2017, it sent out a survey to users and a preview of what a premium offering of its TweetDeck app might look like, including breaking news alerts and more analytics, according to The Verge.

"We're conducting this survey to assess the interest in a new, more enhanced version of Tweetdeck. We regularly conduct user research to gather feedback about people's Twitter experience and to better inform our product investment decisions, and we're exploring several ways to make TweetDeck even more valuable for professionals," a Twitter spokesperson had said at that time.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
News Network
May 7,2020

Toronto, May 7: Scientists have uncovered how bats can carry the MERS coronavirus without getting sick, shedding light on what triggers coronaviruses, including the one behind the COVID-19 pandemic, to jump to humans.

According to the study, published in the journal Scientific Reports, coronaviruses like the Middle East respiratory syndrome (MERS) virus, and the COVID19-causing SARS-CoV-2 virus, are thought to have originated in bats.

While these viruses can cause serious, and often fatal disease in people, bats seem unharmed, the researchers, including those from the University of Saskatchewan (USask) in Canada, said.

"The bats don't get rid of the virus and yet don't get sick. We wanted to understand why the MERS virus doesn't shut down the bat immune responses as it does in humans," said USask microbiologist Vikram Misra.

In the study, the scientists demonstrated that cells from an insect-eating brown bat can be persistently infected with MERS coronavirus for months, due to important adaptations from both the bat and the virus working together.

"Instead of killing bat cells as the virus does with human cells, the MERS coronavirus enters a long-term relationship with the host, maintained by the bat's unique 'super' immune system," said Misra, one of the study's co-authors.

"SARS-CoV-2 is thought to operate in the same way," he added.

Stresses on bats, such as wet markets, other diseases, and habitat loss, may have a role in coronavirus spilling over to other species, the study noted.

"When a bat experiences stress to their immune system, it disrupts this immune system-virus balance and allows the virus to multiply," Misra said.

The scientists, involved in the study, had earlier developed a potential treatment for MERS-CoV, and are currently working towards a vaccine against COVID-19.

While camels are the known intermediate hosts of MERS-CoV, they said bats are suspected to be the ancestral host.

There is no vaccine for either SARS-CoV-2 or MERS, the researchers noted.

Follow latest updates on the COVID-19 pandemic here

"We see that the MERS coronavirus can very quickly adapt itself to a particular niche, and although we do not completely understand what is going on, this demonstrates how coronaviruses are able to jump from species to species so effortlessly," said USask scientist Darryl Falzarano, who co-led the study.

According to Misra, coronaviruses rapidly adapt to the species they infect, but little is known on the molecular interactions of these viruses with their natural bat hosts.

An earlier study had shown that bat coronaviruses can persist in their natural bat host for at least four months of hibernation.

When exposed to the MERS virus, the researchers said, bat cells adapt, not by producing inflammation-causing proteins that are hallmarks of getting sick, but instead by maintaining a natural antiviral response.

On the contrary, they said this function shuts down in other species, including humans.

The MERS virus, the researchers said, also adapts to the bat host cells by very rapidly mutating one specific gene.

These adaptations, according to the study, result in the virus remaining long-term in the bat, but being rendered harmless until something like a disease, or other stressors, upsets this balance.

In future experiments, the scientists hope to understand how the bat-borne MERS virus adapts to infection and replication in human cells.

"This information may be critical for predicting the next bat virus that will cause a pandemic," Misra said.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
Agencies
June 26,2020

Facebook will introduce a new notification screen on its platform that will warn users if the article they are about to share is over 90 days old, the company announced on Thursday.

“We’re starting to globally roll out a notification screen that will let people know when news articles they are about to share are more than 90 days old,” Facebook wrote in a blog post.

The social media platform had previously introduced a context button in 2018 that provides information about the sources of articles in the News Feed. Building upon that, the new feature will inform users about the timeliness of the article.

“To ensure people have the context they need to make informed decisions about what to share on Facebook, the notification screen will appear when people click the share button on articles older than 90 days, but will allow people to continue sharing if they decide an article is still relevant,” Facebook said.

The social media giant stated that timeliness is important in understanding the context of an article and curbing the spread of misinformation on the platform.

“News publishers, in particular, have expressed concerns about older stories being shared on social media as current news, which can misconstrue the state of current events. Some news publishers have already taken steps to address this on their own websites by prominently labelling older articles to prevent outdated news from being used in misleading ways,” Facebook added.

Apart from this, the platform will also be testing a similar notification screen for information related to the global Covid-19 pandemic. The notification screen will provide information about the source of the link shared in a post if the link is related to information on Covid-19. It will also direct people to its previously introduced Covid-19 information centre for “authoritative” health information, it said.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.