1. Home
  2. Ransomware threat: Get patched, find a firewall or upgrade fast

Ransomware threat: Get patched, find a firewall or upgrade fast

satheeshmankulamk@outlook.com (Agencies)
May 15, 2017

New Delhi, May 15: It was coming. On March 14 this year, Microsoft released a security update which addressed the vulnerability in the 16-year-old Windows XP operating system that the hackers behind the massive ransomware attack exploited and created havoc in 150 countries.

wannacry

The vulnerability in the Microsoft Windows software — exploited by “WannaCrypt” — crippled computers from hospitals in Britain to police stations in India, with hackers demanding hundreds of dollars from the users for them to regain control over their data.

Once Microsoft released the patch for the vulnerability — exploited by hacker group “Shadow Brokers” after stealing a software from the US National Security Agency (NSA) — some Window XP users installed the update called “Microsoft Security Bulletin MS17-010” on their desktops and laptops.

But several didn"t.

There are nearly 150 million computers running Windows XP operation system globally. Those who didn"t pay heed to the Windows XP patch are the ones who have fallen prey to the world"s biggest ransomware attack.

Microsoft which had discontiued security updates to its out-of-date software, has also provided a security update for all customers using Windows 8 and Windows Server 2003, anticipating further attacks on these earlier platforms being used by millions.

According to the company, “customers who are running supported versions of the operating system (Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows 8.1, Windows Server 2012, Windows 10, Windows Server 2012 R2, Windows Server 2016) will have received the security update MS17-010 in March.

“If customers have automatic updates enabled or have installed the update, they are protected. For other customers, we encourage them to install the update as soon as possible,” said Phillip Misner, Principal Security Group Manager, Microsoft Security Response Centre, in a statement.

Meanwhile, “WannaCrypt” locked up machines, encrypted files and demanded approximately $600 in Bitcoin for a recovery key.

According to global cyber security firms, paying heed to updates can only save your data from being put to ransom.

“Install the official patch from Microsoft that closes the vulnerability used in the attack. Ensure that security solutions are switched on all nodes of the network. If Kaspersky Lab"s solution is used, ensure that it includes the "System Watcher", a behavioural proactive detection component and that it is switched on,” Altaf Halde, Managing Director of Kaspersky Lab (South Asia), told.

“Run the "Critical Area Scan" task in Kaspersky Lab"s solution to detect possible infection as soon as possible (otherwise it will be detected automatically, if not switched off, within 24 hours),” he added.

According to Subhendu Sahu, Acting Country Manager for India, FireEye, the ransomware poses high risks to organisations using potentially vulnerable Windows machines.

“We can certainly expect follow-on attacks. Organisations seeking to take risk management steps related to this campaign should install the latest Windows patches. They should also use the indicators of compromise which are associated with this activity. FireEye has also taken steps to help secure its customers,” Sahu told.

As investigators were working to track down those responsible for the ransomware attack, Microsoft President and Chief Legal Officer Brad Smith said the governments should treat this attack as a “wake-up call”.

The news led software security providers to ramp up anti-malware software.

“Upon learning of these incidents, McAfee quickly began working to analyse samples of the ransomware and develop mitigation guidance and detection updates for its customers. McAfee has subsequently provided DAT (that contain data in text or binary format) updates to all its customers and provided them and the public further analysis on the attacks,” Ian Yip, Chief Technology Officer, Asia Pacific, McAfee, told.

If you are a home Windows XP user, patch immediately follow up with an upgrade. If you are running a vulnerable system and cannot install the patch for some reason, try doing the following:

“Disable SMBv1 (a server component) with the steps documented at "Microsoft Knowledge Base Article 2696547" and as recommended previously. Consider adding a rule on your router or firewall to block incoming Server Message Block (SMB) traffic on port 445,” said a report in the technology website Engadget.

“This is big and set to get bigger. We haven"t seen anything like this since Conficker in 2008,” Amit Nath, Head of Asia Pacific-Corporate Business at cyber security firm F-Secure Corporation, told IANS.

The Conficker worm infected millions of computers including government, business and home computers in over 190 countries.
Always make sure your files are backed up.

“That way, if they become compromised in a ransomware attack, you can wipe your disk drive clean and restore the data from the backup. Using Cloud storage with anti-virus scanning abilities to share files will help users to mitigate any possible threats,” suggested Anand Ramamoorthy, Managing Director, South Asia, McAfee.

Remember this: “WannaCrypt” probably won"t work across the internet for PCs behind a firewall or router.

“But if a server is connected directly to the internet or a PC is on the same network as an infected computer, it can spread quickly — which is exactly what has happened,” the Engadget report added.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
Agencies
March 21,2020

The World Health Organisation (WHO) on Saturday launched a Health Alert on WhatsApp where over 1.5 billion users can ask questions and they will be provided with reliable information about new coronavirus 24/7.

This will also serve government decision-makers by providing the latest numbers and situation reports, WhatsApp said in a statement.

To contact the WHO Health Alert, save the number +41 79 893 1892 in phone contacts, and then simply text the word 'Hi' in a WhatsApp message to get started.

The service responds to a series of prompts and will be updated daily with the latest information.

"You can also visit the WhatsApp Coronavirus Information Hub at whatsapp.com/coronavirus," and click on the WHO link on the homepage to open up a chat with the WHO Health Alert if you have WhatsApp installed," said the micro-blogging platform.

The WHO Health Alert will provide official information on topics such as how to protect yourself from infection, travel advice, and debunking new coronavirus myths.

The service is initially launching in English but will be available in all six languages within the coming weeks (English, Arabic, Chinese, French, Russian and Spanish.)

"Digital technology gives us an unprecedented opportunity for vital health information to go viral and spread faster than the pandemic. We are proud to have partners like Facebook and WhatsApp, that are supporting us in reaching billions of people with important health information," said Dr Tedros Adhanom Ghebreyesus, Director-General of the WHO.

The WHO Health Alert is the latest official NGO or government helpline to become available on WhatsApp, joining the Singapore Government, The Israel Ministry of Health, the South Africa Department of Health, and KOMINFO Indonesia.

Earlier this week, WhatsApp, in partnership with the World Health Organization, UNICEF, and UNDP, launched the WhatsApp Coronavirus Information Hub. The hub offers general tips and resources for users around the world to reduce the spread of rumours and connect with accurate health information.

WhatsApp also announced a $1 million grant to the International Fact Checking Network to support fact-checking for the #CoronaVirusFacts Alliance.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
Agencies
March 13,2020

Amid the rapid spread of the novel coronavirus (COVID-19), which has infected 73 people in India and killed more than 4,500 individuals globally, doctors have advised that in addition to regularly washing hands, one should also disinfect their smartphone every 90 minutes with alcohol-based hand sanitizer.

Ravi Shekhar Jha, Head of Department at Fortis Escorts Hospital in Faridabad said the best method to disinfect your smartphone is to use regular doctor spirit or the alcohol-based hand sanitizer at least every 90 minutes.

"Avoid touching your eyes, mouth, or nose. The best option is to use a phone cover or a Bluetooth device and try to touch your phone as less as possible. We would also recommend cleaning your phone at least twice a day," Jha told IANS.

According to research, published in 2018 by Insurance2Go, a gadget insurance provider, revealed that smartphone screens have three times more germs than a toilet seat.

One in 20 smartphone users was found to clean their phones less than every six months, said the study.

"In the time of fear of coronavirus, smartphones should also be disinfected with alcohol-based sanitizer rub. Pour few drops of sanitizer on a tiny clean cotton pad and rub it safely on your entire phone," said Jyoti Mutta, Senior Consultant, Microbiology, Sri Balaji Action Medical Institute in New Delhi.

"You can repeat this process every evening coming back home after an entire day out at work and once in the morning before going out," Mutta added.

"Maintain basic cleanliness, and try to avoid using other's phones especially if suffering from respiratory illness or flu-like symptoms as there is no other way to disinfect these regular gadgets," she stressed.

Another study from the University of Surrey in the UK, also found that the home button on your smartphone may be harbouring millions of bacteria - some even harmful.

The World Health Organisation (WHO) declared the novel coronavirus as a global pandemic on Wednesday. The death toll of COVID-19 has crossed the 4,500 marks and confirmed cases globally have touched one lakh as per the reports.

According to Suranjeet Chatterjee, Senior Consultant in Internal Medicine Department of Indraprastha Apollo Hospitals in New Delhi, "We should frequently wash our hands, cover our coughs and it is important to adapt to other good hygiene habits that are most important in such a situation."

"Coronavirus and other germs can live on surfaces like glass, metal or plastics and phones are bacteria-ridden. It is necessary that we sanitize our hands frequently and make sure that our hands are clean all the time," Chatterjee told IANS.

"The emphasis should be laid on sanitising our hands rather than sanitizing the phone - once in a while the phone can be sanitized under the guidance of the makers of the phone," Chatterjee stressed.

According to the global health agency, the most effective way to protect yourself against coronavirus is by frequently cleaning of your hands with alcohol-based hand rub or washing them with soap and water.

The WHO's report showed the virus infects people of all ages, among which older people and those with underlying medical conditions are at a higher risk of getting infected.

People should eat only well-cooked food, avoid spitting in public, and avoid close contact, the WHO said, adding that it is important for people to seek medical care at the earliest if they become sick.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
Agencies
February 29,2020

Ahmedabad, Feb 29: The presence of two feral pigeons onboard a GoAir flight at the airport in Ahmedabad in Gujarat created a flutter among the amused passengers, even though the avian surprise did not lead to any untoward incident or delay in the flight.

The incident took place on Friday when the passengers were boarding the Ahmedabad-Jaipur flight.

"Two pigeons had found their way inside the flight G8 702 while the passengers were boarding," an airline statement said on Saturday.

"The crew immediately shooed away the birds. The flight took off at its scheduled time at 5 p.m.," it added.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.