Close Share

PUBLISHED: May 13, 2017 7:28am

Global cyber attack could hold millions at ransom

Faceless hooded anonymous computer hacker with programming code from monitor

Source:
Reuters

Adjust Font Size:

WASHINGTON, 13 May 2017: 

A global cyber attack today renewed concerns about whether the US National Security Agency (NSA) and other countries’ intelligence services too often hoard software vulnerabilities for offensive purposes, rather than quickly alerting technology companies to such flaws.

Hacking tools believed to belong to the NSA that were leaked online last month appear to be the root cause of a major cyber attack unfurling throughout Europe and beyond, security researchers said, stoking fears that the spy agency’s powerful cyber weapons had been stolen and repurposed by hackers with nefarious goals.

Some cyber security experts and privacy advocates said the massive attack reflected a flawed approach by the US to dedicate more cyber resources to offence rather than defence, a practice they argued makes the internet less secure.

Across the US federal government, about 90% of all spending on cyber programs is dedicated to offensive efforts – including penetrating the computer systems of adversaries, listening to communications and developing the means to disable or degrade infrastructure, senior intelligence officials said in March.

“These attacks underscore the fact that vulnerabilities will be exploited not just by our security agencies, but by hackers and criminals around the world,” Patrick Toomey, a staff attorney with the American Civil Liberties Union, said in a statement.

The NSA did not respond to a request for comment.

Hospitals and doctors’ surgeries in parts of England were forced to turn away patients and cancel appointments after they were infected with the “ransomware”, which scrambled data on computers and demanded payments of US$300 to US$600 to restore access.

Security software maker Avast said it had observed more than 57,000 infections in 99 countries. Russia, Ukraine and Taiwan were the top targets, it said. A live map tacker can be viewed here.

Private security firms identified the virus as a new variant of ‘WannaCry’ ransomware with the ability to automatically spread across large networks by exploiting a bug in Microsoft Corp’s Windows operating system.

Security experts said the ransomware used in the attacks leveraged a hacking tool found in a leak of documents in April by a group known as Shadow Brokers.

At the time, Microsoft acknowledged the vulnerabilities and said they had been patched in a series of earlier updates pushed to customers, the most recent of which had been rolled out only a month earlier in March.

But the episode prompted concerns about whether the tools could be leveraged by hackers to attack unpatched systems.

In a statement, a Microsoft spokesman said its engineers had provided additional detection and protection services against the WannaCry malware and that it was working with customers to provide additional assistance.

The spokesman reiterated that customers who have Windows Updates enabled and use the company’s free antivirus software are protected.

Shadow Brokers first emerged last year and began dumping tranches of documents that it said belonged to the NSA, though the files appeared at least a few years old.

Over time, western researchers have grown more confident that Russia may be behind Shadow Brokers and possibly other recent disclosures of sensitive information about cyber capabilities that have been pilfered from US intelligence agencies.

Some researchers cast blame not on the NSA but on the hospitals and other customers that appeared to leave themselves open to attack.

“The main problem here is organisations taking more than eight weeks to patch once Microsoft released the update,” said Chris Wysopal, chief technology officer at the cyber firm Veracode.

“Eight weeks is plenty of time for a criminal organisation to develop a sophisticated attack on software and launch it on a wide scale.”

Former intelligence contractor Edward Snowden, who in 2013 leaked documents to journalists revealing the existence of broad US surveillance programmes, said on Twitter the NSA had built attack tools targeting US software that “now threatens the lives of hospital patients.”

“Despite warnings, (NSA) built dangerous attack tools that could target Western software,” Snowden said. “Today we see the cost.”

Also read: Huge Ransomware Attack Spreads Across Globe: What to Do

Bernama reported the Malaysian Communications and Multimedia Commission (MCMC) says no ransomware attacks have been reported in Malaysia as at 10am today amidst a massive global cyber-attack which hit nearly 100 countries.

“MCMC is continuing to monitor the situation together with other enforcement agencies,” said the commission in a statement today.

MCMC advised Malaysians to immediately take precautions including to update their software to the latest patch, to ensure that all hosts have enabled endpoint anti-malware solutions, and to immediately backup vital data to an external hard drive or cloud storage service, if they have not done so.

“At the same time, do not click on any suspicious links and report any incidents to the authorities as quickly as possible.”

LATEST CONTENT

LEAVE US YOUR FEEDBACK

How do you like the new site

Leave your feedback here.

Have a story worth sharing?

Send us your details here.

Copyright © 2015 The Rakyat Post

Terms of Use ›   Privacy Policy ›   Contact ›