Ransomware: WannaCry cyber attack may attack Indian banking system soon, says expert

Joy Montgomery
May 17, 2017

Congressman Dutch Ruppersberger represents the cyber security capital of the world - Maryland's second district and home to the National Security Agency.

As notorious WannaCrypt ransomware hits businesses worldwide, technology giant Microsoft said it has been working round the clock since Friday to help all its customers who have been affected by this incident.

Steve Grobman of the security company McAfee said forensics experts are looking at how the ransomware was written and how it was run.

- What about computer security at large?

Some of the biggest disruption was caused by attacks on the United Kingdom health system, which saw hospitals and clinics forced to turn away patients after losing access to computers.

But the puzzle is how the first person in each network was infected with the worm. Though Grobman agrees with his colleague at Microsoft: These last few days, battling the WannaCry attack, have been very long.

So criminals turned to targeted attacks instead to stay below the radar. Most cybersecurity companies have blamed phishing e-mails - e-mails containing malicious attachments or links to files - that download the ransomware.

"At least 45,000 computer systems in India have been infected", said one of the people cited above. "The fact that so many computers remained vulnerable two months after the release of a patch illustrates this aspect".

Since security professionals typically focus on building walls to block hackers from entering, security tends to be less rigorous inside the network. The exploit will scan 445 file sharing ports from Windows endpoints.

Security experts said the spread of the malware appeared to slow on Monday.

"Governments provide a mandate to our intelligence agencies to find and exploit security flaws".

Aaron Hernandez' Prison Boytoy: 'Devastated' By The Star's Sudden Death
Jenkins-Hernandez added that "none of it makes sense to me". "I don't know what to believe, to be honest with you". Jenkins didn't seem question what was written in the note, however.

A researcher from Google posted on Twitter that an early version of WannaCrypt from February shared some of the same programming code as malicious software used by the Lazarus Group, the alleged North Korean government hackers behind the destructive attack on Sony Corp in 2014 and the theft of US$81 million from a Bangladesh central bank account at the New York Fed past year. But they could still linger as low-grade infections that flare up from time to time.

Those "kits" Selby describes are what experts think they're seeing with WannaCry.

Knowing how malware infects and spreads is key to being able to stop existing attacks and anticipate new ones.

Conficker was more of a pest and didn't do major damage. He said the main challenge was the fast-spreading capabilities of the malware, but added that, so far, not many people have paid the ransoms that the virus demands.

The damage might have been temporarily contained. But attackers can, and probably will, simply develop a variant to bypass this countermeasure.

On Sunday, country's cyber security agency Computer Emergency Response Team (CERT-In) had issued a red-coloured "critical alert" to combat hacking, phishing and to fortify security-related defences of the Indian Internet domain. "Talk about a wake-up call", Hypponen said. But let's be reasonable, software can not be definitively supported and there has to be responsibility on the side of the business or organisation which continues to run unsupported software or refuses to deploy patches.

Quick Heal Technologies has "detected over 48,000 MS-17- 010 Shadow Broker exploit hits responsible for "WannaCry ransomware" outbreak in India", it said in a statement. And as Friday's attack shows, the unthinkable is already far too real.

There are other surprises, that suggest this is not an ordinary ransomware attack.

The WannaCry ransomware has wormed its way into tens of thousands of Windows PCs in China, where Windows XP runs one in five systems, local reports said Monday.

Prof Warren said that the NHS was also using Windows NT systems across health services. No way for policymakers to account for that problem other than to move quickly to get info on the vulnerabilities out, which they apparently did. And those fixes will do nothing for newer systems if they aren't installed.

Other reports by PlayStation Move reviews

Discuss This Article