Community Discussion About The Effects of the "Wanna Cry" Ransomware.

User avatar
Satchman
Posts: 691
Joined: Mon Dec 28, 2009 1:08 pm

Community Discussion About The Effects of the "Wanna Cry" Ransomware.

Post by Satchman » Wed May 17, 2017 8:32 pm

Dear WOT,

This was one of the worst virus attacks ever seen. Sources say this hit more than 150 countries and ninety percent of those affected were running Windows XP. A no-longer supported Operating System since April of 2014.

In a historic move, Microsoft released a patch for Windows XP. This patch only works on machines not affected already by the virus. All modern Windows Systems that had Windows Update turned on, and up-to-date Anti-virus software were protected. This includes, Windows 7, Windows 8.1, and Windows 10 users. Windows 10 was not affected at all.

Do you believe that it was right for Microsoft to patch Windows XP systems because of the scope and magnitude of the attack? Or do you believe that this practice could lull people into a false sense of security when Windows XP gets hacked again because it is no longer updated? Users got bailed out this time. Should they expect this in the future?

Additionally, how do you believe the answers to these questions may be the same or different from businesses and home user environments?

Satch
Dislike (-0)

Klemen.Soeargo
Posts: 1
Joined: Wed May 17, 2017 11:05 pm

RE: Community Discussion About The Effects of the "Wanna Cry" Ra

Post by Klemen.Soeargo » Wed May 17, 2017 11:05 pm

In my opinion, the most important answer is backing up your data. The implementation and the complexity may differ from home-user to business, but the principle remains the same: Have a backup that isn't connected to the internet.
Dislike (-0)

Site-rater
Posts: 2811
Joined: Tue Sep 15, 2009 7:48 pm

RE: Community Discussion About The Effects of the "Wanna Cry" Ra

Post by Site-rater » Thu May 18, 2017 1:28 am

How does one convince a workplace to update their computers when they retaliated against me after I told them their free Letsencrypt certificate (which they weren't even using even on pages collecting sensitive information) ran out?
There are some IT departments out there that just don't seem to care and think a casual SSL Labs report means one is some sort of evil hacker or are just harassing the IT department.
Dislike (-0)

User avatar
A440
Posts: 2279
Joined: Sat Nov 20, 2010 1:56 am

RE: Community Discussion About The Effects of the "Wanna Cry" Ra

Post by A440 » Thu May 18, 2017 6:57 am

Running a machine with XP, without safeguards or knowledge is foolish.
Dislike (-0)

User avatar
destinationtruth
Posts: 400
Joined: Tue May 12, 2015 7:47 pm
Location: Cherokee Nation

RE: Community Discussion About The Effects of the "Wanna Cry" Ra

Post by destinationtruth » Thu May 18, 2017 6:07 pm

It's a 16 year old OS. . . foolish is not upgrading, and even more so since its not being updated anymore by MS. Though I applaud MS for making a patch, yet I would make it the last. Those that haven't learned by now are just on the edge of being stupid. It would be like a security company using an open bed truck to carry money and its guards using water guns for protection. . . and then wondering how this happened. . . being robbed.

Then again sometimes you just can't fix stupid.
_https://addons.mozilla.org/en-US/firefox/addon/no-winner/
Dislike (-0)

User avatar
Dutch Mountain
Posts: 1431
Joined: Wed May 12, 2010 5:20 pm

RE: Community Discussion About The Effects of the "Wanna Cry" Ra

Post by Dutch Mountain » Thu May 18, 2017 7:44 pm

@ Satch : Besides the discussion you're opening about XP......Good info !
peterswebsafety.com ( link on my profile page ).
Dislike (-0)

User avatar
Satchman
Posts: 691
Joined: Mon Dec 28, 2009 1:08 pm

RE: Community Discussion About The Effects of the "Wanna Cry" Ra

Post by Satchman » Thu May 18, 2017 7:49 pm


@ Satch : Besides the discussion you're opening about XP......Good info !


Thank you Dutch Mountain! Good to see you back!

Satch

Dislike (-0)

User avatar
NotBuyingIt
Posts: 3201
Joined: Fri Mar 11, 2011 6:21 pm

RE: Community Discussion About The Effects of the "Wanna Cry" …

Post by NotBuyingIt » Thu May 18, 2017 10:41 pm

Owners of some Windows XP computers infected by the WCry ransomware may be able to decrypt their data without making the $300 to $600 payment demand … ❞butDecryption tool is of limited value, because XP was unaffected by last week's worm.

Still, it may be helpful to XP users hit in other campaigns.
See the article at
https://arstechnica.com/security/2017/05/windows-xp-pcs-infected-by-wcry-can-be-decrypted-without-paying-ransom/
(Slashdot-ed at https://yro.slashdot.org/story/17/05/18/1947217/windows-xp-pcs-infected-by-wannacry-can-be-decrypted-without-paying-ransom )
 
One security researcher argued on Twitter:The worm doesn't infect WinXP - but the ransomware works on WinXP just fine. Yes, you'd have to manually copy and run it there.(Source: https://twitter.com/VessOnSecurity/status/865203180677812225)
 
Data that is stored in the cloud may become lost in the fog.
Dislike (-0)

User avatar
Satchman
Posts: 691
Joined: Mon Dec 28, 2009 1:08 pm

RE: Community Discussion About The Effects of the "Wanna Cry" Ra

Post by Satchman » Fri May 19, 2017 11:55 pm

This article gives somewhat conflicting information,

It says that Windows 7 was the most hit and that data collected on Windows XP systems was "insignificant." Microsoft says that those who have automatic windows update turned on in Windows 7 and running their anti-virus software, (Microsoft Security Essentials.) are protected. Windows 7 will be supported with system updates untl 2020.

Microsoft Security Essentials is replaced by Windows Defender on Windows 8.1 and 10. Windows Defender on Windows 7 is a malware blocker only, and users must update to Microsoft Security Essentials or a Third Party AV software to get AV protection on Windows 7. It appears that because the Wanna Cry attack was so severe that Windows Defender on Windows 7 still would block Wanna Cry. More here:

hxxps://www.yahoo.com/tech/m/b536f096-7c14-38e3-b0d3-715db97d4172/worst-hit-by-wannacry%3A-people.html

Satch
Dislike (-0)

User avatar
Javelina
Posts: 113
Joined: Sun Oct 24, 2010 5:34 pm

RE: Community Discussion About The Effects of the "Wanna Cry" Ra

Post by Javelina » Mon May 22, 2017 11:12 am

I read Microsoft's TechNet blog post about the patch
hxxps://blogs.technet.microsoft.com/mmpc/2017/05/12/wannacrypt-ransomware-worm-targets-out-of-date-systems/
This was one of the comments, and it supports the perspective that Microsoft shouldn't be releasing patches for long past end-of-life versions of Windows: "The mere fact that Microsoft released an update for XP is pretty shocking because it’s such an old OS. It would be like patching a vulnerability in Windows 2000 in the year 2016, or patching a vulnerability in Windows 98 in 2014!"

Kaspersky posted a chart of attack frequency by OS.
hxxps://twitter.com/craiu/status/865562842149392384
It indicates that infection distribution was highest for Windows 7 x64, while Windows XP count was insignificant. People in the response thread asked if the findings are applicable to systems with Kaspersky AV installed, or for overall incidence regardless of AV brand, if any. It is a good point, but might be a question that only Microsoft can answer.

There's ambiguity about whether Win 10 is vulnerable to wanna cry. Microsoft suggested that it isn't. Kaspersky seems to agree, stating that wanna cry could not affect Win 10 unless infected manually. I suspect that there are a lot more home users of Win 10 than business users. That might explain why home users were not impacted as severely as businesses. Businesses are often slower to transition to new OS versions. I mention this because Satchman inquired in his original post.
Dislike (-0)

Post Reply

Who is online

Users browsing this forum: Bing [Bot] and 1 guest