Risks-Forum Digest Saturday 13 May 2017 Volume 30 : Issue 29 Date: Fri, 12 May 2017 16:27:31 -0700 From: Lauren Weinstein Subject: Today's Massive Ransomware Attack Was Mostly Preventable -- Here's How To Avoid It (Gizmodo) NNSquad http://gizmodo.com/today-s-massive-ransomware-attack-was-mostly-preventabl-1795179984 Here's what happened: Unknown attackers deployed a virus targeting Microsoft servers running the file sharing protocol Server Message Block (SMB). Only servers that weren't updated after March 14 with the MS17-010 patch were affected; this patch resolved an exploit known as ExternalBlue, once a closely guarded secret of the National Security Agent, which was leaked last month by ShadowBrokers, a hacker group that first revealed itself last summer. The ransomware, aptly named WannaCry, did not spread because of people clicking on bad links. The only way to prevent this attack was to have already installed the update.
|