1. Home
  2. Ransomware threat: Get patched, find a firewall or upgrade fast

Ransomware threat: Get patched, find a firewall or upgrade fast

[email protected] (Agencies)
May 15, 2017

New Delhi, May 15: It was coming. On March 14 this year, Microsoft released a security update which addressed the vulnerability in the 16-year-old Windows XP operating system that the hackers behind the massive ransomware attack exploited and created havoc in 150 countries.

wannacry

The vulnerability in the Microsoft Windows software — exploited by “WannaCrypt” — crippled computers from hospitals in Britain to police stations in India, with hackers demanding hundreds of dollars from the users for them to regain control over their data.

Once Microsoft released the patch for the vulnerability — exploited by hacker group “Shadow Brokers” after stealing a software from the US National Security Agency (NSA) — some Window XP users installed the update called “Microsoft Security Bulletin MS17-010” on their desktops and laptops.

But several didn"t.

There are nearly 150 million computers running Windows XP operation system globally. Those who didn"t pay heed to the Windows XP patch are the ones who have fallen prey to the world"s biggest ransomware attack.

Microsoft which had discontiued security updates to its out-of-date software, has also provided a security update for all customers using Windows 8 and Windows Server 2003, anticipating further attacks on these earlier platforms being used by millions.

According to the company, “customers who are running supported versions of the operating system (Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows 8.1, Windows Server 2012, Windows 10, Windows Server 2012 R2, Windows Server 2016) will have received the security update MS17-010 in March.

“If customers have automatic updates enabled or have installed the update, they are protected. For other customers, we encourage them to install the update as soon as possible,” said Phillip Misner, Principal Security Group Manager, Microsoft Security Response Centre, in a statement.

Meanwhile, “WannaCrypt” locked up machines, encrypted files and demanded approximately $600 in Bitcoin for a recovery key.

According to global cyber security firms, paying heed to updates can only save your data from being put to ransom.

“Install the official patch from Microsoft that closes the vulnerability used in the attack. Ensure that security solutions are switched on all nodes of the network. If Kaspersky Lab"s solution is used, ensure that it includes the "System Watcher", a behavioural proactive detection component and that it is switched on,” Altaf Halde, Managing Director of Kaspersky Lab (South Asia), told.

“Run the "Critical Area Scan" task in Kaspersky Lab"s solution to detect possible infection as soon as possible (otherwise it will be detected automatically, if not switched off, within 24 hours),” he added.

According to Subhendu Sahu, Acting Country Manager for India, FireEye, the ransomware poses high risks to organisations using potentially vulnerable Windows machines.

“We can certainly expect follow-on attacks. Organisations seeking to take risk management steps related to this campaign should install the latest Windows patches. They should also use the indicators of compromise which are associated with this activity. FireEye has also taken steps to help secure its customers,” Sahu told.

As investigators were working to track down those responsible for the ransomware attack, Microsoft President and Chief Legal Officer Brad Smith said the governments should treat this attack as a “wake-up call”.

The news led software security providers to ramp up anti-malware software.

“Upon learning of these incidents, McAfee quickly began working to analyse samples of the ransomware and develop mitigation guidance and detection updates for its customers. McAfee has subsequently provided DAT (that contain data in text or binary format) updates to all its customers and provided them and the public further analysis on the attacks,” Ian Yip, Chief Technology Officer, Asia Pacific, McAfee, told.

If you are a home Windows XP user, patch immediately follow up with an upgrade. If you are running a vulnerable system and cannot install the patch for some reason, try doing the following:

“Disable SMBv1 (a server component) with the steps documented at "Microsoft Knowledge Base Article 2696547" and as recommended previously. Consider adding a rule on your router or firewall to block incoming Server Message Block (SMB) traffic on port 445,” said a report in the technology website Engadget.

“This is big and set to get bigger. We haven"t seen anything like this since Conficker in 2008,” Amit Nath, Head of Asia Pacific-Corporate Business at cyber security firm F-Secure Corporation, told IANS.

The Conficker worm infected millions of computers including government, business and home computers in over 190 countries.
Always make sure your files are backed up.

“That way, if they become compromised in a ransomware attack, you can wipe your disk drive clean and restore the data from the backup. Using Cloud storage with anti-virus scanning abilities to share files will help users to mitigate any possible threats,” suggested Anand Ramamoorthy, Managing Director, South Asia, McAfee.

Remember this: “WannaCrypt” probably won"t work across the internet for PCs behind a firewall or router.

“But if a server is connected directly to the internet or a PC is on the same network as an infected computer, it can spread quickly — which is exactly what has happened,” the Engadget report added.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
Agencies
January 16,2020

Claiming that e-commerce giants like Amazon import as much as 80 per cent of the items sold on their platforms, small manufacturers' body has said that their business models do not benefit local industry and are creating jobs of delivery boys only.

"Neither manufacturers nor traders are getting any benefit from the business models of Amazon and Flipkart because they largely import their products from China and Korea and sell here. Nearly 80 per cent of their products are imported," said Anil Bhardwaj, Secretary General, Federation of Indian Micro and Small & Medium Enterprises (FISME).

Bhardwaj said that the global e-commerce players generally source and sell products through their own preferred suppliers and as a result a large number of local manufacturers and traders get crowded out.

He listed out deep discounting and buying products from preferred companies as unfair practices.

"Even if they buy products from local suppliers the commission charged is very high," Bhardwaj said adding that the issues related to unfair practices have been raised with Commerce Ministry on multiple occasions.

FISME maintains that the technology-driven retail is way forward and one cannot be oblivious of the benefits it brings to consumers but at the same time the local industry can also not be ignored given its role in job creation.

"If both traders and local manufacturers are crowded out then how would the local industry survive and employment be generated?" asked Bhardwaj.

As Amazon Founder and CEO Jeff Bezos is currently on his three-day visit to India, the local traders are up in arms against the "unfair" trade practices of the tech giant. Delhi-based Confederation of All India Traders (CAIT) has launched a countrywide protest against the company and has organised protests across 300 cities.

In a setback to Amazon and Walmart-backed Flipkart, the fair market watchdog Competition Commission of India (CCI) has ordered probe into the business operations of both the companies on multiple counts including deep-discounts and exclusive tie-up with preferred sellers.

"For the first time some concrete step has been taken against Amazon and Flipkart who are continuously violating the FDI policy in indulging in a vicious racket of controlling and monopolising not only the e-commerce but even the retail trade as well," CAIT National Secretary General Praveen Khandelwal said after the CCI order.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
Agencies
May 14,2020

Social media platform WhatsApp assured the Supreme Court on Wednesday that it will not roll out its payment services without complying with all payment regulations and norms in the country.

A bench headed by Chief Justice S.A. Bobde and comprising Justices Indu Malhotra and Hrishikesh Roy took up the matter through video conferencing. Senior advocate Kapil Sibal, representing the social media platform, said "WhatsApp Inc makes a statement on behalf of his client that they will not go ahead with the payments' scheme without complying with all the regulations in force."

The statement was made during the hearing of a petition seeking a ban on payment through WhatsApp, as it does not conform to the data localization norms. The top court took the assurance made by WhatsApp on record.

WhatsApp made the statement during the hearing of a plea seeking a ban on its payment service, for not being in line with data localization norms.

In 2018, WhatsApp was granted a beta licence to launch its payment service, but a dedicated and separate app is yet to be launched. A petition was moved in the apex court that WhatsApp's existing model for its payments service should be declared inconsistent with the Unified Payment Interface (UPI) Scheme, as a separate dedicated app has not been offered by the company.

The petitioner NGO, Good Governance Chambers, argued that the National Payments Corporation of India (NPCI) and the Reserve Bank of India (RBI) must change its model on the lines of the UPI payment scheme, and its operations may be suspended until these conditions are met.

The apex court today asked the Centre, Facebook and WhatsApp to file their replies within three weeks and it will take up the matter thereafter. The court noted that the government may process the applications filed by WhatsApp in accordance with the law and there is no stay on the same. Facebook was represented by senior advocate Arvind Datar.

The petitioner argued that lapses have been found in relation to WhatsApp's claims of having a secure and safe technological interface for securing sensitive user data.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
News Network
May 30,2020

May 30: Patients undergoing surgery after contracting the novel coronavirus are at an increased risk of postoperative death, according to a new study published in The Lancet journal which may lead to better treatment guidelines for COVID-19.

In the study, the scientists, including those from the University of Birmingham in the UK, examined data from 1,128 patients from 235 hospitals from a total of 24 countries.

Among COVID-19 patients who underwent surgery, they said the death rates approach those of the sickest patients admitted to intensive care after contracting the virus.

The scientists noted that SARS-CoV-2 infected patients who undergo surgery, experience substantially worse postoperative outcomes than would be expected for similar patients who do not have the infection.

According to the study, the 30-day mortality among these patients was nearly 24 per cent.

The researchers noted that mortality was disproportionately high across all subgroups, including those who underwent elective surgery (18.9 per cent), and emergency surgery (25.6 per cent).

Those who underwent minor surgery, such as appendicectomy or hernia repair (16.3 per cent), and major surgery such as hip surgery or for colon cancer also had higher mortality rates (26.9 per cent), the study said.

According to the study, the mortality rates were higher in men versus women, and in patients aged 70 years or over versus those aged under 70 years.

The scientists said in addition to age and sex, risk factors for postoperative death also included having severe pre-existing medical problems, undergoing cancer surgery, undergoing major procedures, and undergoing emergency surgery.

"We would normally expect mortality for patients having minor or elective surgery to be under 1 per cent, but our study suggests that in SARS-CoV-2 patients these mortality rates are much higher in both minor surgery (16.3%) and elective surgery (18.9%)," said study co-author Aneel Bhangu from the University of Birmingham.

Bhangu said these mortality rates are greater than those reported for even the highest-risk patients before the pandemic.

Citing an example from the 2019 UK National Emergency Laparotomy Audit report, he said the 30-day mortality was 16.9 per cent in the highest-risk patients.

Based on an earlier study across 58 countries, Bhangu said the 30-day mortality was 14.9 per cent in patients undergoing high-risk emergency surgery.

"We recommend that thresholds for surgery during the SARS-CoV-2 pandemic should be raised compared to normal practice," he said.

"For example, men aged 70 years and over undergoing emergency surgery are at particularly high risk of mortality, so these patients may benefit from their procedures being postponed," Bhangu added.

The study also noted that patients undergoing surgery are a vulnerable group at risk of SARS-CoV-2 exposure in hospital.

It noted that the patients may also be particularly susceptible to subsequent pulmonary complications, due to inflammatory and immunosuppressive responses to surgery and mechanical ventilation.

The scientists found that overall in the 30 days following surgery 51 per cent of patients developed a pneumonia, acute respiratory distress syndrome, or required unexpected ventilation.

Nearly 82 per cent of the patients who died had experienced pulmonary complications, the researchers said.

"Worldwide an estimated 28.4 million elective operations were cancelled due to disruption caused by COVID-19," said co-author Dmitri Nepogodiev from the University of Birmingham.

"Our data suggests that it was the right decision to postpone operations at a time when patients were at risk of being infected with SARS-CoV-2 in hospital," Nepogodiev said.

According to the researchers, there's now an urgent need for investment by governments and health providers in to measures which ensure that as surgery restarts patient safety is prioritised.

They said this includes the provision of adequate personal protective equipment (PPE), establishment of pathways for rapid preoperative SARS-CoV-2 testing, and consideration of the role of dedicated 'cold' surgical centres.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.