Articles about ransomware

NHS hosptial photo, by Marbury via Shutterstock

NHS Digital stopped short of advising against paying off WannaCrypt

NHS Digital stopped short of advising health organisations in England not to cough up for the WannaCrypt ransom attack because it couldn't be certain that all hospitals had backed up patient records. Dan Taylor, head of security at NHS Digital, told thousands of NHS organisations everything about the attack – except explicitly …
Kat Hall, 25 May 2017
Liam Neeson, Taken

Feeling Locky, punk? Ransomware grew eight-fold last year

Ransomware saw a more than eight-fold (752 per cent) increase as a mode of attack in 2016, according to Trend Micro. The infosec firm estimates file-scrambling malware families such as Locky and Goldeneye raked in $1 billion in 2016. 2016 was the year when ransomware ruled, and this danger has been maintained by recent …
John Leyden, 24 May 2017
threats image

Network-sniffing, automation, machine learning: How to get better threat intel

IT teams can get away with poor service management, outdated software development methods and outdated apps running on legacy tin, but they might want to think twice before skimping on cybersecurity. If you don't stay on top of this stuff, while you might not be found out today or tomorrow, eventually, your customers’ personal …
Danny Bradbury, 24 May 2017
wannacry

Wannacry: Everything you still need to know because there were so many unanswered Qs

Vid It has been a week since the Wannacry ransomware burst onto the world's computers – and security researchers think they have figured out how it all started. Many assumed the nasty code made its way into organizations via email – either spammed out, or tailored for specific individuals – using infected attachments. Once …
Iain Thomson, 20 May 2017
phishing

Crooks use WannaCrypt hysteria as hook for BT-branded phishing emails

Scoundrels have latched on to the WannaCrypt outbreak as a theme for scam emails. Coincidentally some consumers are receiving seemingly genuine warnings from their ISPs related to suspected infection during last week's worldwide ransomware outbreak. Action Fraud warned about a dodgy email trying to trick BT customers on …
John Leyden, 19 May 2017

‪There's a ransom-free fix for WannaCry‬pt. Oh snap, you've rebooted your XP box

Windows XP PCs infected by WannaCrypt can be decrypted without paying ransom by using a new utility dubbed Wannakey. Wannakey offers in-memory key recovery for Win XP machines infected by the infamous ransomware strain. The fix can be used to dump encryption keys from memory. This RSA private key, once recovered, can be used …
John Leyden, 19 May 2017

Great Ormond Street children's hospital still offline after WannaCrypt omnishambles

Updated The internationally famous Great Ormond Street Hospital has been taken offline as a safety measure following last week's catastrophic WannaCrypt outbreak. The London-based children's hospital was not itself hit by the ransomware but has nonetheless quarantined its computer network. This has left staff without either email or …
John Leyden, 18 May 2017
padlock

Azure users told they're not WannaCrypt-proof

Microsoft Windows users already know what to do to defeat WannaCrypt (unless they've been asleep for a week). Now the company's published its advice for its Azure customers. Since there aren't any surprises in Microsoft's note for Azure users, Vulture South suspects this is a prod for people who are slow to respond or …

Backup crack-up: Fasthosts locks people out of data storage for days amid WCry panic

Fasthosts left some customers without access to their backups for roughly six days – after it tore down systems it feared were vulnerable to the WannaCry malware. The Brit web hosting biz confirmed to The Register that it pulled the plug on gear hosting some of its customers' online storage service last Friday. These systems …
Shaun Nichols, 17 May 2017

Ransomware fear-flinger Uiwix fails to light

A ransomware variant, dubbed Uiwix, that abuses the same vulnerability as WannaCrypt has turned out to be something of a damp squib. Uiwix omits the kill switch domain that was instrumental in shutting down the spread of WannaCrypt while retaining its self-replicating abilities, Danish security firm Heimdal Security warned on …
John Leyden, 17 May 2017
Facepalm

Police anti-ransomware warning is hotlinked to 'ransomware.pdf'

Official anti-ransomware advice issued by UK police to businesses can only be read by clicking on a link titled "Ransomware" which leads direct to a file helpfully named "Ransomware.pdf". In case you've been living under a rock, large chunks of the digitised world, including most of the NHS, were, ahem, digitally disrupted by …
Gareth Corfield, 17 May 2017

Yo, patch that because scum still wanna exploit WannaCrypt-linked vuln

Vulnerable Windows Server Message Block (SMB) shares central to last week's WannaCrypt outbreak are still widely deployed and frequently hunted, security researchers warn. Rapid7 found over a million internet-connected devices that expose SMB on port 445. Of those, more than 800,000 run Windows, and – given that these are …
John Leyden, 17 May 2017
Sherlock Holmes

Cisco warns: Some products might have WannaCrypt vuln

Here's why infosec needs to quit yelling “if you didn't patch it's your fault” about WannaCrypt: Cisco has announced it's investigating which of its products can't be patched against the ransomware. The Register congratulates Cisco for going public, because it's certain that an innumerable number of third-party systems embed …
James Franco clutches puppy alongside Seth Rogen in a still from The Interview

WannaCrypt 'may be the work of North Korea' theory floated

Security researchers are exploring the theory that the WannaCrypt ransomware might be the work of an infamous North Korean government-backed hacking crew. The crumb-trail-sniffing began on Monday after Neel Mehta, a security researcher from Google, posted an artefact on Twitter potentially pointing at a connection between the …
John Leyden, 16 May 2017

China staggering under WannaCrypt outbreak

If reports from China are accurate, the country's often-bootlegged and under-patched Windows installations are being hit hard by the WannaCrypt ransom-worm. While the rest of the world seems to be enjoying some respite from the attacks, after researchers found and activated a kill switch in the original code, Xinhua reported …

WannaCrypt outbreak contained as hunt for masterminds kicks in

A feared second wave of WannaCrypt ransomware attacks has failed to materialize, but 16 UK National Health Service Trusts are still grappling with last week's infection. WannaCrypt spread like wildfire last Friday, infecting computers and disrupting operations at 47 NHS Trusts, US firms including FedEx, Spain's Telefonica, …
John Leyden, 15 May 2017

Sophos waters down 'NHS is totally protected' by us boast

Updated Sophos updated its website over the weekend to water down claims that it was protecting the NHS from cyber-attacks following last week's catastrophic WannaCrypt outbreak. Proud website boasts that the "NHS is totally protected with Sophos" became "Sophos understands the security needs of the NHS" after the weekend scrub-up. …
John Leyden, 15 May 2017

Ransomware scum have already unleashed kill-switch-free WannaCry‬pt‪ variant

Miscreants have launched a ransomware worm variant that abuses the same vulnerability as ‪the infamous WannaCry‬pt‪ malware. Danish firm Heimdal Security warned on Sunday that the new Uiwix strain doesn't include a kill-switch domain, like the one that proved instrumental in minimising the harm caused by WannaCrypt last week, …
John Leyden, 15 May 2017

Create a news alert about ransomware, or find more stories about ransomware.

Biting the hand that feeds IT © 1998–2017