1. Home
  2. Ransomware threat: Get patched, find a firewall or upgrade fast

Ransomware threat: Get patched, find a firewall or upgrade fast

[email protected] (Agencies)
May 15, 2017

New Delhi, May 15: It was coming. On March 14 this year, Microsoft released a security update which addressed the vulnerability in the 16-year-old Windows XP operating system that the hackers behind the massive ransomware attack exploited and created havoc in 150 countries.

wannacry

The vulnerability in the Microsoft Windows software — exploited by “WannaCrypt” — crippled computers from hospitals in Britain to police stations in India, with hackers demanding hundreds of dollars from the users for them to regain control over their data.

Once Microsoft released the patch for the vulnerability — exploited by hacker group “Shadow Brokers” after stealing a software from the US National Security Agency (NSA) — some Window XP users installed the update called “Microsoft Security Bulletin MS17-010” on their desktops and laptops.

But several didn"t.

There are nearly 150 million computers running Windows XP operation system globally. Those who didn"t pay heed to the Windows XP patch are the ones who have fallen prey to the world"s biggest ransomware attack.

Microsoft which had discontiued security updates to its out-of-date software, has also provided a security update for all customers using Windows 8 and Windows Server 2003, anticipating further attacks on these earlier platforms being used by millions.

According to the company, “customers who are running supported versions of the operating system (Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows 8.1, Windows Server 2012, Windows 10, Windows Server 2012 R2, Windows Server 2016) will have received the security update MS17-010 in March.

“If customers have automatic updates enabled or have installed the update, they are protected. For other customers, we encourage them to install the update as soon as possible,” said Phillip Misner, Principal Security Group Manager, Microsoft Security Response Centre, in a statement.

Meanwhile, “WannaCrypt” locked up machines, encrypted files and demanded approximately $600 in Bitcoin for a recovery key.

According to global cyber security firms, paying heed to updates can only save your data from being put to ransom.

“Install the official patch from Microsoft that closes the vulnerability used in the attack. Ensure that security solutions are switched on all nodes of the network. If Kaspersky Lab"s solution is used, ensure that it includes the "System Watcher", a behavioural proactive detection component and that it is switched on,” Altaf Halde, Managing Director of Kaspersky Lab (South Asia), told.

“Run the "Critical Area Scan" task in Kaspersky Lab"s solution to detect possible infection as soon as possible (otherwise it will be detected automatically, if not switched off, within 24 hours),” he added.

According to Subhendu Sahu, Acting Country Manager for India, FireEye, the ransomware poses high risks to organisations using potentially vulnerable Windows machines.

“We can certainly expect follow-on attacks. Organisations seeking to take risk management steps related to this campaign should install the latest Windows patches. They should also use the indicators of compromise which are associated with this activity. FireEye has also taken steps to help secure its customers,” Sahu told.

As investigators were working to track down those responsible for the ransomware attack, Microsoft President and Chief Legal Officer Brad Smith said the governments should treat this attack as a “wake-up call”.

The news led software security providers to ramp up anti-malware software.

“Upon learning of these incidents, McAfee quickly began working to analyse samples of the ransomware and develop mitigation guidance and detection updates for its customers. McAfee has subsequently provided DAT (that contain data in text or binary format) updates to all its customers and provided them and the public further analysis on the attacks,” Ian Yip, Chief Technology Officer, Asia Pacific, McAfee, told.

If you are a home Windows XP user, patch immediately follow up with an upgrade. If you are running a vulnerable system and cannot install the patch for some reason, try doing the following:

“Disable SMBv1 (a server component) with the steps documented at "Microsoft Knowledge Base Article 2696547" and as recommended previously. Consider adding a rule on your router or firewall to block incoming Server Message Block (SMB) traffic on port 445,” said a report in the technology website Engadget.

“This is big and set to get bigger. We haven"t seen anything like this since Conficker in 2008,” Amit Nath, Head of Asia Pacific-Corporate Business at cyber security firm F-Secure Corporation, told IANS.

The Conficker worm infected millions of computers including government, business and home computers in over 190 countries.
Always make sure your files are backed up.

“That way, if they become compromised in a ransomware attack, you can wipe your disk drive clean and restore the data from the backup. Using Cloud storage with anti-virus scanning abilities to share files will help users to mitigate any possible threats,” suggested Anand Ramamoorthy, Managing Director, South Asia, McAfee.

Remember this: “WannaCrypt” probably won"t work across the internet for PCs behind a firewall or router.

“But if a server is connected directly to the internet or a PC is on the same network as an infected computer, it can spread quickly — which is exactly what has happened,” the Engadget report added.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
Agencies
June 9,2020

New Zealand's research institute in Antarctica is scaling back the number of projects planned for the upcoming season, in an effort to keep the continent free of coronavirus, it was reported on Tuesday.

The government agency, Antarctica New Zealand, told the BBC on Tuesday that it was dropping 23 of the 36 research projects.

Only long-term science monitoring, essential operational activity and planned maintenance will go ahead.

The upcoming research season runs from October to March.

"As COVID-19 sweeps the planet, only one continent remains untouched and (we) are focused on keeping it that way," Antarctica New Zealand told the BBC.

The organisation's chief executive Sarah Williamson said the travel limits and a strict managed isolation plan were the key factors for keeping Scott Base - New Zealand's research facility - virus free.

"Antarctica New Zealand is committed to maintaining and enhancing the quality of New Zealand's Antarctic scientific research. However, current circumstances dictate that our ability to support science is extremely limited this season" she said.

Earlier in April, Australia announced that it would scale back its activity in the 2020-21 summer season.

This included decreasing operational capacity and delaying work on some major projects.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
Agencies
June 22,2020

Chennai, Jun 22: Commuting the death sentence to life imprisonment for five convicts, the Madras High Court on Monday set free Chinnasamy, the main convict, who had also been sentenced to death in the Udumalpet Shankar honour killing case.

A Division Bench comprising Justice M. Sathyanarayanan and Justice M. Nirmal Kumar also dismissed the appeal by the state police against the acquittal of three persons by a lower court.

The Bench ordered the five convicts sentenced for life to undergo a jail term of not less than 25 years.

In 2016, V. Shankar, who had married C. Kausalya, was killed by a gang in Udumalpet in Tamil Nadu. The gang also injured Kausalya in the attack.

It was alleged the parents of Kausalya -- Chinnasamy, Annalakshmi -- were against the marriage.

P. Pandidurai, the uncle of Kausalya at the behest of Chinnasamy and Annalakshmi had hired a gang to kill Shankar.

The gang killed Shankar in broad daylight in a public place and Kausalya too got injured in the attack as she tried to save her husband.

The Principal District and Sessions Court in Tiruppur had convicted and sentenced to death six accused persons -- Chinnasamy, P. Jagadeesan, P. Selvakumar, M. Manikandan, M. Mathan alias Michael and P. Kalaithamilvaanan.

The court also sentenced two other accused, K. Dhanraj for life and Manikandan to a five year jail term, while acquitting Annalakshmi, Pandidurai and Prasanna.

The convicts had filed an appeal against their sentence in the Madras High Court while the police filed an appeal against the acquittal of three persons.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
Agencies
February 17,2020

Google on Monday announced it is gradually winding down its free public Wi-Fi Station programme currently available at over 400 railway stations in India, and will work with the Indian Railways and Railtel Corporation to help them with existing sites so they can remain useful resources for people.

Google launched its Station initiative in India in 2015 to bring fast, free public Wi-Fi to over 400 of the busiest railway stations in the country by mid-2020.

"We crossed that number by June 2018 and implemented Station in thousands of other locations around the country in partnership with telecommunications companies, ISPs and local authorities," Caesar Sengupta, Vice President, Payments and Next Billion Users, Google, said in a statement.

"Over time, partners in other countries asked for Station too and we responded accordingly. We're grateful for these partnerships, especially with the Indian Railways and the Government of India, that helped us serve millions of users over the last few years," he added.

According to Google, the decision to shut Station has been taken keeping the affordable mobile data plans and mobile connectivity in mind that is improving globally including in India.

"India, specifically now has among the cheapest mobile data per GB in the world, with mobile data prices having reduced by 95 per cent in the last 5 years, as per TRAI in 2019," said Sengupta.

The Indian users consume close to 10GB of data, each month, on average, according to reports.

"Our commitment to supporting the next billion users remains stronger than ever, from continuing our efforts to make the internet work for more people and building more relevant and helpful apps and services," Sengupta noted.

Global networking giant Cisco last year teamed up with Google to roll out free, high-speed public Wi-Fi access globally, starting with India.

The first pilot under the partnership was rolled out at 35 locations in Bengaluru.

Sengupta said that in addition to the changed context, the challenge of varying technical requirements and infrastructure among our partners across countries has also made it difficult for Station to scale and be sustainable, especially for our partners.

"And when we evaluate where we can truly make an impact in the future, we see greater need and bigger opportunities in building products and features tailored to work better for the next billion user markets," he said.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.