Beijing claims to have detected the first WannaCry ransomware without the 'kill-switch', Microsoft accuses the NSA as the base code for WannaCry, and Spain seeks to create cyberreservists to act when these attacks occur.
Reports come from Beijing about the WannaCry ransomware, which would have undergone a modification. This is a revision of the original, which has affected more than 150 countries according to the Global Times and more than 120.000 computers around the world. The top cybersecurity representatives of the Chinese government have issued a statement in which they assure that the ransomware that has turned the world upside down, would have returned and bypassed the security implemented after the first attack.
The WannaCry malware would be based on EternalBlue, a software developed by the United States, specifically by the NSA, to take control of computers through security holes detected in Windows. The director of the Chinese Institute of Strategy in Cyberspace, Qin An, has spoken about the great problem that is the superiority of the United States in the digital world.
Table of Contents
MICROSOFT AGAINST THE NSA
From Microsoft they have gone directly to the United States National Security Agency, since the origin of the problem would be the NSA. The data that Microsoft would move would indicate that the origin of the problem is a malware developed by the NSA and would confirm what Edward Snowden said. Brad Smith, president and head of the legal department of Microsoft has published the following text:
[quote bcolor=»#dd9933″]Finally, this attack provides another example of why government stockpiling of vulnerabilities is such a big problem. This is an emerging pattern in 2017. We’ve seen vulnerabilities stockpiled by the CIA appear on WikiLeaks, and now this NSA-stolen vulnerability has affected clients around the world. Repeatedly, exploits in the hands of governments have leaked into the public domain and caused widespread damage. An equivalent scenario with conventional weapons would be the theft of some Tomahawk missiles from the US military. And this recent attack represents a completely unintentional but disconcerting link between the two most serious cybersecurity threats in the world today: the actions of nation states and the actions of organized crime.[/quote]
It should be noted that Microsoft does not usually get into political or government issues, which is why Brad Smith's words surprise. He has also commented that what happened should be taken as a warning, since this attack, despite the commotion, is not as serious as one might think.
SHOULD WE BE CONCERNED?
In truth, no more than other days when most hadn't heard of ransomware. We must bear in mind that this is not new, it is the most 'normal' thing in the world. WhatsApp chains, strange messages with links or notices from 'banks' and other sites that ask for data are more serious attacks than this. The only thing special about it is that it encrypts your data and little else. Formatting should be solved, so we must have the data safely.
THE OCCURRENCE OF THE DAY: CYBER SERVERS
Spain as always goes at its own pace. We have the National Cryptographic Center, which is the one who monitors and reviews this problem and others like it. The great idea of the PP has been to develop what they have called 'cyberreservistas', something like reserve firefighters, who are called when a fire gets out of control or they know the terrain and can help. What is sought here is that hackers help the CNI, Army, Police and Civil Guard in the protection and support in case of similar digital attacks. It would be better to form members of the bodies mentioned or incorporate experts to improve the national network.
CCN CREATES A TOOL TO AVOID INFECTION OF RANSOMWARE WANNACRY
It will be regulated by regulations and the draft has been written by Ana Vázquez Blanco, deputy spokesperson of the Mixed Commission of National Security and Teodoro García, deputy spokesperson coordinator of Agenda Digital. The development of this standard has been under development for a long time, but the WannaCry attack would have caused an acceleration of the regulation.
Source: the other side
