1. Home
  2. Ransomware threat: Get patched, find a firewall or upgrade fast

Ransomware threat: Get patched, find a firewall or upgrade fast

[email protected] (Agencies)
May 15, 2017

New Delhi, May 15: It was coming. On March 14 this year, Microsoft released a security update which addressed the vulnerability in the 16-year-old Windows XP operating system that the hackers behind the massive ransomware attack exploited and created havoc in 150 countries.

wannacry

The vulnerability in the Microsoft Windows software — exploited by “WannaCrypt” — crippled computers from hospitals in Britain to police stations in India, with hackers demanding hundreds of dollars from the users for them to regain control over their data.

Once Microsoft released the patch for the vulnerability — exploited by hacker group “Shadow Brokers” after stealing a software from the US National Security Agency (NSA) — some Window XP users installed the update called “Microsoft Security Bulletin MS17-010” on their desktops and laptops.

But several didn"t.

There are nearly 150 million computers running Windows XP operation system globally. Those who didn"t pay heed to the Windows XP patch are the ones who have fallen prey to the world"s biggest ransomware attack.

Microsoft which had discontiued security updates to its out-of-date software, has also provided a security update for all customers using Windows 8 and Windows Server 2003, anticipating further attacks on these earlier platforms being used by millions.

According to the company, “customers who are running supported versions of the operating system (Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows 8.1, Windows Server 2012, Windows 10, Windows Server 2012 R2, Windows Server 2016) will have received the security update MS17-010 in March.

“If customers have automatic updates enabled or have installed the update, they are protected. For other customers, we encourage them to install the update as soon as possible,” said Phillip Misner, Principal Security Group Manager, Microsoft Security Response Centre, in a statement.

Meanwhile, “WannaCrypt” locked up machines, encrypted files and demanded approximately $600 in Bitcoin for a recovery key.

According to global cyber security firms, paying heed to updates can only save your data from being put to ransom.

“Install the official patch from Microsoft that closes the vulnerability used in the attack. Ensure that security solutions are switched on all nodes of the network. If Kaspersky Lab"s solution is used, ensure that it includes the "System Watcher", a behavioural proactive detection component and that it is switched on,” Altaf Halde, Managing Director of Kaspersky Lab (South Asia), told.

“Run the "Critical Area Scan" task in Kaspersky Lab"s solution to detect possible infection as soon as possible (otherwise it will be detected automatically, if not switched off, within 24 hours),” he added.

According to Subhendu Sahu, Acting Country Manager for India, FireEye, the ransomware poses high risks to organisations using potentially vulnerable Windows machines.

“We can certainly expect follow-on attacks. Organisations seeking to take risk management steps related to this campaign should install the latest Windows patches. They should also use the indicators of compromise which are associated with this activity. FireEye has also taken steps to help secure its customers,” Sahu told.

As investigators were working to track down those responsible for the ransomware attack, Microsoft President and Chief Legal Officer Brad Smith said the governments should treat this attack as a “wake-up call”.

The news led software security providers to ramp up anti-malware software.

“Upon learning of these incidents, McAfee quickly began working to analyse samples of the ransomware and develop mitigation guidance and detection updates for its customers. McAfee has subsequently provided DAT (that contain data in text or binary format) updates to all its customers and provided them and the public further analysis on the attacks,” Ian Yip, Chief Technology Officer, Asia Pacific, McAfee, told.

If you are a home Windows XP user, patch immediately follow up with an upgrade. If you are running a vulnerable system and cannot install the patch for some reason, try doing the following:

“Disable SMBv1 (a server component) with the steps documented at "Microsoft Knowledge Base Article 2696547" and as recommended previously. Consider adding a rule on your router or firewall to block incoming Server Message Block (SMB) traffic on port 445,” said a report in the technology website Engadget.

“This is big and set to get bigger. We haven"t seen anything like this since Conficker in 2008,” Amit Nath, Head of Asia Pacific-Corporate Business at cyber security firm F-Secure Corporation, told IANS.

The Conficker worm infected millions of computers including government, business and home computers in over 190 countries.
Always make sure your files are backed up.

“That way, if they become compromised in a ransomware attack, you can wipe your disk drive clean and restore the data from the backup. Using Cloud storage with anti-virus scanning abilities to share files will help users to mitigate any possible threats,” suggested Anand Ramamoorthy, Managing Director, South Asia, McAfee.

Remember this: “WannaCrypt” probably won"t work across the internet for PCs behind a firewall or router.

“But if a server is connected directly to the internet or a PC is on the same network as an infected computer, it can spread quickly — which is exactly what has happened,” the Engadget report added.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
Agencies
July 19,2020

New Delhi, Jul 19: Indian equities will be driven by a host of factors like corporate earnings, coronavirus cases trend and geo-political developments this week, according to analysts.

Market participants will also keenly watch the progress of monsoon, with experts saying that the farm sector revival will play a key role in lifting the coronavirus-hit economy.

"With no major event, the ongoing earnings season and global cues will continue to dictate the market trend. Besides, the progress of monsoon will also be closely watched," Ajit Mishra, VP - Research, Religare Broking, said.

Globally, the rising coronavirus infections and geo-political tensions have created uncertainty on the economic recovery front.

With India's COVID-19 cases fast approaching the 11 lakh mark, the third-highest behind the US and Brazil, and the death toll nearing 27,000, participants are expected to tread cautiously going forward.

At global level, confirmed COVID-19 cases have crossed 1.4 crore and deaths totalled about 6 lakh.

Markets globally will closely follow developments on the trade and political level between the US and China, according to analysts.

"We would continue witnessing stock-specific action as the earnings season unfold. Though the near-term momentum looks positive, we would advise traders to be cautious, given flaring US-China trade relations, persistent rise in virus cases and implementation of fresh lockdowns in parts of the country," said Siddhartha Khemka, Head - Retail Research, Motilal Oswal Financial Services Ltd.

HDFC Bank will remain in focus on Monday after having announced its June quarter earnings on Saturday.

The lender reported 19.6 per cent rise in its standalone net profit at Rs 6,658.62 crore for April-June 2020; while its income rose to Rs 34,453.28 crore during the quarter.

Other major companies to announce their quarterly results this week are Axis Bank, Bajaj Finance, Hindustan Unilever Limited, Bajaj Auto and ITC.

"Going ahead market participants will closely track the development related to covid vaccine, the rising infection of coronavirus, development on economic activities, corporate earnings and US-China relationship," said Sumeet Bagadia, Executive Director, Choice Broking.

On weekly basis, the Sensex gathered 425.81 points or 1.16 per cent, and the Nifty gained 133.65 points or 1.24 per cent.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
Agencies
June 10,2020

US dictionary Merriam-Webster will update the meaning of the word "racism" after being contacted by a Missouri black woman, who claimed the current definition fell short of including the systematic oppression of people of colour, according to media reports.

"A revision to the entry for racism is now being drafted to be added to the dictionary soon, and we are also planning to revise the entries of other words that are related to racism or have racial connotations," according to a statement of the 189-year-old dictionary shared by Kennedy Mitchum, a recent graduate of Drake University in Iowa, on her Facebook.

Mitchum, 22, emailed the dictionary last month, following the death of African American George Floyd in the custody of four Minneapolis police officers, Xinhua news agency reported.

"I kept having to tell them that definition is not representative of what is actually happening in the world," Mitchum told CNN. "The way that racism occurs in real life is not just prejudice, it's the systemic racism that is happening for a lot of black Americans."

Merriam-Webster's first definition of racism is "a belief that race is the primary determinant of human traits and capacities and that racial differences produce an inherent superiority of a particular race."

"It's not just disliking someone because of their race," Mitchum wrote in a Facebook post on Friday. "This current fight we are in is evidence of that, lives are at stake because of the systems of oppression that go hand-in-hand with racism."

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
Agencies
July 3,2020

Mumbai, Jul 3: In yet another move to keep Chinese technologies companies at bay, the Centre has cancelled the 4G upgradation tender for BSNL as it has decided to come up with fresh specifications for the upgrade process, sources said.

The Department of Telecommunications (DoT) is likely to issue a fresh tender in the next two weeks.

People in the know said that the fresh tender may not allow Chinese companies to participate and that the new tenders that will be floated in the next two weeks will emphasise on Make in India.

As the border tussle with China escalated last month and around 20 soldiers lost their lives, the government had last month asked both BSNL and MTNL not to use equipment of Chinese makers in their upgrading process to 4G facilities.

Huawei and ZTE are the major Chinese telecom equipment makers working with Indian telecom companies and they would be the hardest hit by the decision.

The impact may be felt in terms of the much-awaited 5G trials in the country. After much deliberation, the Centre last December decided to allow Huawei to take part in the 5G trials.

The cancellation of tender for BSNL's 4G upgradation comes after the Centre on Monday banned 59 Chinese apps including TikTok, WeChat and UC Browser.

A statement by the Ministry of Electronics and IT said that the decision was taken since "there is credible information that these apps are engaged in activities which are prejudicial to sovereignty and integrity of India, defence of India, security of state and public order".

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.