'

Microsoft confirms that "WannaCrypt" uses an NSA exploit

Microsoft confirms that

Microsoft confirms that

Microsoft confirms that "WannaCrypt" uses an NSA exploit

 
Microsoft has confirmed that "WannaCrypt" uses an NSA exploit, calling once again for a "Digital Geneva Convention" to prevent nation states from stockpiling such vulnerabilities to exploit users or to sell to others. 
 
For those who are unaware, "WannaCrypt" is a malicious ransomware tool that has quickly spread globally to users of older OS' like Windows XP and unpatched version of Windows 7 that are not entirely updated. This issue was patched for OS' within mainstream support on March 14th, one month before the exploit was stolen from the NSA and leaked online. Thankfully Windows 10 was never affected by this issue, so those who updated to the new OS should be safe. 
 
This exploit has infected PCs all over the world, infecting a large number of PCs within several industries, including hospitals. This should act as a huge warning for those using older systems, as well as a warning to governments that have unwittingly helped criminal enterprises by not reporting this issue to Microsoft earlier and allowed this exploit to be stolen and leaked in the first place. 
 
In response to this situation, Microsoft has created patches for several older operating systems that are not officially supported, including Windows Server 2003, Windows XP and Windows 8 (Windows 8.1 is already patched). These updates are available to download here from Microsoft directly.  

 

Microsoft confirms that

 

Two lessons can be learned from this event, first that you should never be using an OS that is outside of mainstream support, as they have no defence from these kinds of exploits, and secondly, that government agencies should be reporting these issues to prevent such a catastrophe from happening in the future.    

The National Security Agency of the USA has unwittingly caused consumers, businesses and even hospitals all over the world to become victims of ransomware. This has no doubt cost those affected a lot of money, due to both delays and the time and effort required to fix affected hardware. 

This is a continuing trend from the US where exploits and vulnerabilities discovered by US agencies are leaking online and are causing widespread damage across the world. There is no question now that today some of the biggest threats to cyber security are nations and not just criminal enterprises.    

 

You can join the discussion on Microsoft's confirmation that "WannaCrypt" uses an NSA found exploit on the OC3D Forums

 

«Prev 1 Next»

Most Recent Comments

15-05-2017, 08:14:45

AlienALX
That's some nasty business man. Made sure all my stuff was up to date after reading about that this morning.Quote

15-05-2017, 08:25:08

barnsley
It technically uses two exploits that had been held by the NSA a while ago before they got hacked. The way it spread (NSA's nickname for it is 'EternalBlue') only worked if the target machine hadn't had March's patches installed. If it detects it, it will also make use of the other ex-NSA exploit, codename 'DOUBLEPULSAR' if that hasn't already been disabled as well.

Sadly our Governments will always keep any exploit they find hidden as they won't be affected by this.Quote

15-05-2017, 09:32:06

Avet
Linux is the solution. I am not well informed on this subject so i will ask. Why aren't hospitals, and businesses using Linux instead of Windows? It is rock solid, and free.Quote

15-05-2017, 10:29:27

Darkdayzzz
Quote:
Originally Posted by Avet View Post
Linux is the solution. I am not well informed on this subject so i will ask. Why aren't hospitals, and businesses using Linux instead of Windows? It is rock solid, and free.
Sigh....simple answer in my opinion? Because nurses/doctors/secretaries/etc simply WONT learn the new system. Now, one could install a version of linux that looks and acts significantly like windows (its out there can't recall the name) and that would work wonderfully.

Longer answer? Governments / faculties / schools / medical buildings / don't have the time or money to do retraining on employees on how the new OS would operate. Never mind the fact that these same places ONLY use it for typing documents / patient information / google things / etc...nothing super intensive or 'power user' type things.

So there is no reason these places shouldn't be using either mac OSX or a version of Linux, it's just the fact that they don't care because everything in government takes forever and a year to get going. That would be the biggest reason why (again my opinion is all) because lets all face it, as far as exploiting is concerned windows is the most targeted OS. Sure you CAN target Macs or Linux distros....but no one does. Why? its harder, more time consuming, often enough not enough to gain quickly and easily, and generally you could probably have 3-5 windows machines compromised before 1 linux/mac machine. So again, time and effort vs reward chances....reward chances win everytime so windows will continue to be targeted over the other OSes.


This is all just my two cents is all, take it for what it is.Quote

15-05-2017, 11:50:32

evilcorp
Over the weekend i was in contact with a couple of IT project managers who work for the NHS who have been pretty badly effected by 'wannacrypt'. They just were not prepared for any attack of this kind and are looking at weeks and possibly months of recovery time.

Most companies just dont want to spend the money on patching systems and are often 6 months or longer behind on critical microsoft patching of vulnerabilities.

Linux like all other OS's is vulnerable to exploits and there have been a lot of high profile potential exploits that havent been utilized. Hospitals dont use linux because a lot of the mission critical software they use is coded in windows only. There is also the training element which is cost prohibitive to most organizations.

Its scary that we are living in a time where the security services are stockpiling vulnerabilities and buying a lot of vulnerabilities from very questionable sources.Quote
Reply
x

Register for the OC3D Newsletter

Subscribing to the OC3D newsletter will keep you up-to-date on the latest technology reviews, competitions and goings-on at Overclock3D. We won't share your email address with ANYONE, and we will only email you with updates on site news, reviews, and competitions and you can unsubscribe easily at any time.

Simply enter your name and email address into the box below and be sure to click on the links in the confirmation emails that will arrive in your e-mail shortly after to complete the registration.

If you run into any problems, just drop us a message on the forums.