Seven things we learned about WannaCry

By  | 
Padlock on a computer keyboardEnlarge Image

WannaCry is one of the biggest cyber attacks ever.

Getty Images

How much worse can all this hacking get?

This past week saw one of the worst cyberattacks ever, striking hospitals and businesses around the world. The attack encrypted — or scrambled — the files on more than 300,000 computers in 150 countries, and demanded victims pay ransom of at $300.

Here are the things we’ve learned so far.

There was lots of warning

This hack stemmed from a vulnerability that was discovered in Microsoft’s Windows software that powers most of the worlds PCs. It was originally discovered by the National Security Agency, whose files last month were leaked onto the internet by a group known as Shadow Brokers.

Microsoft had already sent a security update to PCs running newer versions of Windows, such as Windows 10, in March. The company also sent statements to the press that anyone running the latest updates should be protected.

A lot of people don’t update their computers

Yet, despite Microsoft’s warnings and the publicity around the Shadow Brokers hack, it appears many people were still vulnerable.

One of the primary reasons was that large organizations, such as hospitals and schools, are often slow to update their computers to the latest software. They often spend months evaluating how these updates will affect their systems and finding fixes. That all makes sense, but it’s also leaving them open to attack.

The other thing we were reminded about is how few people are running Windows 10, which was first released in 2015. Surveys by NetMarketShare, which tracks information about computers around the world, indicate nearly half of computers out there are powered by Windows 7, which was first released in 2009. Microsoft released a fix for that too in March.

But more than 7 percent of the world’s computers are powered by Windows XP, which Microsoft didn’t offer a fix for until last week, after the attack began to spread. Additionally, there’s now a report that Microsoft held back this fix until the attack began spreading, choosing instead to demand hefty fees from businesses to send them the security update.

There’s plenty of blame to spread around

It’s easy to blame Microsoft, saying it should do more to protect the millions of computers powered

Read Full Content at: Source CNet

Leave a Reply

Be the First to Comment!

Notify of