Microsoft could have stopped WannaCry ransomware from spreading, but it did nothing


Microsoft could have stopped WannaCry ransomware from spreading, but it did nothing

Efforts by IT security researchers to get to the bottom of the recent ransomware attack have been hampered by an inability to find early traces of the so-called WannaCry strain, according to research commissioned by Reuters and conducted by security ratings firm BitSight.

In March, the company released a free patch that would have protected computers from the malware. Shadow Brokers, the group that is believed to behind the theft of the NSA hacking tools, has already threatened to put out more of these tools in the public.

Microsoft eventually issued a free security patch for Windows XP, Windows Vista, Windows 8 users (these systems are no longer officially supported by the company, but in many parts of the world consumers and even businesses continue to remain on these).

"What really makes the magnitude of this attack so much greater than any other is that the intent has changed from information stealing to business disruption", said Samil Neino, 32, chief executive of Los Angeles-based Kryptos Logic.

Because of the way WannaCry spreads sneakily inside organisation networks, a far larger total of ransomed computers sitting behind company firewalls may be hit, possibly numbering upward of a million machines. "But this is so far the only workable solution to help enterprises to recover their files if they have been infected and have no back-ups" which allow users to restore data without paying black-mailers. Evidently we need stronger incentives not just for companies to release more secure products, but also for users to keep them updated and protect their data with encryption and backups. It appears the attackers have found people willing to pay.

The researchers said the tools are not ideal and only work if the infected computers have not been rebooted after being hit by the programme. "The difference this time is that the virus attack is getting publicity". Security experts agree that the best protection is to be on a modern, up-to-date system that incorporates the latest defense-in-depth innovations.

The country is least prepared to tackle the ransomware virus "WannaCry" because of the low level of awareness about malicious software, a senior official looking after West Bengal's IT security said.

WannaCry landed nine weeks after Microsoft's patch arrived.