Microsoft: Here’s Why U.S. Government Is To Blame For “WannaCry” Cyber Attacks

Pin It

May 15 2017
Linked In

When you login on Monday for work, and your computer happens to be running on older versions Microsoft’s Windows such as Windows XP, chances are you could be staring at a screen screaming “pay me money to get your data back”. Call it blackmail, extortion or anything you like, but there’s no way you can get back your data without paying the ransom.


Many workers, particularly in Asia, had logged off Friday before the malicious software, stolen from the United States government, began proliferating and attacking around the world. The Friday’s cyber attack hit roughly 200,000 computers in at least 150 countries (according to Europol) around the globe. And the spread could be just the beginning.

Virus or Worm - Ransomware Lock Computer Data

The virus, equipped with “a worm functionality” – called “WannaCry 2.0” – has already locked up computers in car factories, hospitals, shops and schools in several countries, including China and Russia. The virus encrypts a computer’s files and then demands a ransom – US$300 in Bitcoin – to recover their data, with no guarantee the computer would be released unharmed.


So far, nobody knows precisely who was behind the attack. Among the organizations hit were FedEx in the United States, the Spanish telecom giant Telefónica, the French automaker Renault, Nissan’s UK car plant, universities in China, Germany’s Deutsche Bahn federal railway system. The most disruptive attacks infected Britain’s National Health Service.

Virus or Worm - Ransomware WannaCryptor 2 Red Screen On Windows XP

Russia, Ukraine and Taiwan had taken the heaviest casualties. Also known as “WannaCryptor 2.0” or simply “WCry 2.0”, the virus hits Russian Interior Ministry, Russian Railways and mobile service provider Megafon. In actuality, this is the second attempt at cyber-extortion. An earlier version, named WeCry, was discovered back in February this year.


The cyber attack was so disastrous that Microsoft has taken the rare step of issuing a fix for versions of Windows it had previously “retired” – the Windows XP, Windows 8 and Windows Server 2003. Support for Windows XP ended in 2014, 12 years after the software was introduced. But an estimated 7% of the world’s PCs still run on XP – that’s about 70,000,000 machines.

Bill Gates Launching Microsoft Windows XP - Countdown

Microsoft, however, wasn’t impressed with the latest attack. And they’re blaming the U.S. government for stockpiling cyber weapons. How come? WannaCry uses vulnerability in old versions of Windows that was originally discovered and exploited by the U.S. National Security Agency as an offensive cyber-weapon. Everything remains secretive until hackers hacked the NSA.


A hacker group – known as Shadow Brokers – obtained an arsenal of cyber warfare tools in April from the NSA, of which the U.S. agency called “Eternal Blue”. But it wasn’t Shadow Brokers who were directly involved in the ransomware strike. Instead, some opportunist developers, who could be hackers themselves, spotted the leaks and added them to their own software and released them.

Cyber Attack - US National Security Agency NSA

Microsoft President Brad Smith wrote on Sunday – “This attack provides yet another example of why the stockpiling of vulnerabilities by governments is such a problem. We have seen vulnerabilities stored by the CIA show up on WikiLeaks, and now this vulnerability stolen from the NSA has affected customers around the world.”


A 22-year-old British researcher who uses the Twitter name MalwareTech has been credited with “accidentally” helping to halt the spread of the assault. He noticed a bug in the virus – one of the web domains used by the attackers hadn’t been registered. So he registered the site, took control of the domain for US$10.69 and started seeing connections diverted from infected victims.

Cyber Hackers in Hoodie - 2

Unfortunately, the outbreak being stopped is only temporarily. The attackers will likely modify their code to remove the somewhat silly error or mistake, and restart their ransomware campaign. Already, new variants of the rapidly replicating worm were discovered on Sunday which did not include the so-called kill switch. An estimated US$30,000 in ransom has been paid by victims.


Other Articles That May Interest You …

Pin It

FinanceTwitter SignOff
If you enjoyed this post, what shall you do next? Consider:

Like FinanceTwitter Tweet FinanceTwitter Subscribe Newsletter   Leave Comment Share With Others


Add your comment now.

Leave a Reply


(required)(will not be published)