Warning = WannaCry ransomware infections reported worldwide

[NeuralStunner]

Regarding Microsoft: That's just ludicrous because if they ever are found out they'd be taken out of business for certain. Still more likely than ibm's conspiracy theory nonsense.

I'm sure Dansco's post was satirical, but I guess he could've laid it on a little thicker.

[Rachael]

Still more likely than ibm's conspiracy theory nonsense.

You can be sure if it were a conspiracy, there's a certain buffoon who's too stupid to keep it secret and would leak it on national television as soon as he found out about it.

[Graf Zahl]

Obviously. Sometimes I ask myself why some people still believe in government conspiracies - even the most recent Trump disaster clearly tells us that there's always someone who would leak the most classified stuff if it served their agenda. It's far too easy these days to let the entire world know about other people's nefarious (or even not so nefarious) plans.

[Rachael]

I don't doubt there are conspiracies. That's part of human nature. It's just that they're not what people would expect - and they just usually end very quickly - either they're successful, and they then inevitably turn on each other - or they're not successful, and they all get arrested and thrown in jail for fraud or embezzlement. (The latter happens a lot, actually) And if two or more people are involved (which does happen, enough) it counts as a conspiracy.

Certainly nothing that would involve ransomware - that would be a huge waste of time and resources. The NSA had this exploit kit at their disposal for YEARS - there's no way a true conspiring agency could not have taken advantage of it within that time if they really wanted to. No - the exploit kit had to be leaked to the public, first - and out of government hands - for this to happen.

[Dancso]

if we want to assume that it's a government-sponsored operation, the only possible perpetrator would be North Korea, but it seems to be a bit sloppy even for them.

North Korea has computers?

hmmmm WHAT IF
What if the NSA gave the exploit to North Korea knowing that it would create a conflict, allowing the US to invade?

[Graf Zahl]

Bad move to leak it to the public first so that Microsoft can fix it. This attack would have been devastating had the exploit not been fixed yet. It's bad enough that so many organizations did not take security as serious as necessary but imagine this thing not attacking several 100000 computers but several 100000000.

On the other hand: What would have happened if the attack really had damaged the world's economy and then it had been revealed that the NSA had known of the exploit for years? I think the entire world would have turned on the US.

[Hellser]

As I said on twitter, and saying it here: Keep Windows up to date. Always. Even if it's an annoyance to you.

[Sgt. Shivers]

Only a fool connects such computers to the internet.

Doesn't the virus jump across networked computers too? It's possible only a few computers at the place were connected online and that the virus spread through the internal network.

[Rachael]

Doesn't the virus jump across networked computers too? It's possible only a few computers at the place were connected online and that the virus spread through the internal network.

Correct. For a majority of viruses, internal networks are in fact the first place a virus will look for vulnerable hosts. They don't even bother with the internet, itself, until it's run out of hosts to try and infect on the internal network.

[Hellser]

According to Kaspersky (I don't exactly trust the source 100%, but it's something), the computers infected with this ransomware the most are Windows 7 x64 machines - where people tend to turn off their Windows Update. Tsk, tsk.. Those with Windows 10, it seems like only 1 person was infected. That's what it appears like, anyways.

[Graf Zahl]

Somehow this makes sense.

Many of those Windows 7 users seem to be the paramoid kind that think everything coming from Microsoft is evil and needs to be blocked. And since those tend to stick around with old software and refuse to update - voilà.

But this?

The Kaspersky figures are illuminating because they show Windows 7 x64 Edition, which is widely used by large organizations, being infected close to twice as much as Windows 7 versions mostly used in homes and small offices. It's not clear if that means enterprises are less likely to patch or if there are other explanations.

makes no sense. When I purchased my Windows 7 system in 2012 there was no more option to choose the 32 bit version.

[Hellser]

I had an option for 32-bit with my store-bought copy. But given the 64-bit had became a standard, I didn't bother even touching that disk.

Also, there's another ransomware doing the same thing as WannaCry called Adylkuzz. Once again, keep your OS up to date, as the exploit this one is doing has been fixed already with the security updates provided by Microsoft.

[Nevander]

I've read that disabling SMBv1 can prevent your system from being at risk of being attacked. Is there any truth to this and what functionality do you lose by disabling it?

Also, there's another ransomware doing the same thing as WannaCry called Adylkuzz. Once again, keep your OS up to date, as the exploit this one is doing has been fixed already with the security updates provided by Microsoft.

Another!? You shitting me?

[Hellser]

Personally, I think you can reduce your risk of being attacked by simply keeping your OS up to date. An analogy for this would be turning off water to a busted pipe with no intention of fixing the pipe.

And yes. Another one. Expect to see many more pop up trying to get money using this exploit. WannaCry is just well known one for now.

Edit: I know I keep saying it, but seriously.

Keep your OS up to date

[Enjay]

But this?

The Kaspersky figures are illuminating because they show Windows 7 x64 Edition, which is widely used by large organizations, being infected close to twice as much as Windows 7 versions mostly used in homes and small offices. It's not clear if that means enterprises are less likely to patch or if there are other explanations.

makes no sense. When I purchased my Windows 7 system in 2012 there was no more option to choose the 32 bit version.

It makes sense to me. Many organisations are notoriously bogged down by bureaucracy and red tape. Even some very large organisations have highly restrictive policies on who can do what to the computers on their networks and leave rolling out updates and other maintenance tasks to small, perhaps inefficient or overworked, IT centres. No one updates until the IT centre says so and has the time to roll out the updates for them. Meanwhile, all the machines on the networks sit around, able to connect to the internet but unable to be updated or otherwise secured by the people using them. It's a hideous, lumbering, inefficient system propping up old hardware and out of date software and just waiting for something to go wrong. I know that certain public organisations in the UK work very much like that and it wouldn't surprise me if the NHS was like that.