Three years ago, Microsoft declared that Windows XP would finally, finally be “end-of-life”d. That means no more updates, no new features, no new security patches, nothing. And yet one in 20 machines is still running it. The web hasn’t gotten safer.
You can be infected by advertisements, let alone targeted attacks or domain takeovers. Hackers know what systems are vulnerable and how to attack them. Governments stockpile exploits instead of telling companies about them. Individual hackers do the same, with no oversight either. If you use Windows XP or 8, you are telling those hackers that you don’t value your secrecy and they can come right on in, thank you very much.
WannaCry: The Ransomware Heard ‘Round the World
WannaCry (or Wanna Decrypt0r, or wcry) is a ransomware attack that, as of May 15, has infected health systems and banks. It uses information gleaned from leaked NSA documents to attack older Windows machines. That’s right, only the old ones. If you’re on Windows 10, the worm cannot touch you. Sure, Windows 10 can be a pain. But keeping up-to-date prevents bad stuff like this from happening.
There are two kinds of exploits. The regular kind, which is what WannaCry used, has probably already been patched out by companies in newer versions. The other kind are called “zero days” because that’s how many days you have to prepare for them. Zero days are seriously bad, but they’re not something that regular users like you can do anything about. Keep your backups in a safe place, be careful on the Internet, and use antivirus. Zero days are likely to get through a lot of antivirus, but antivirus can help sometimes, and that’s better than nothing, which is what you’re doing if you’re running Windows XP.
Sometimes people have legitimate reasons for not updating. New versions can break compatibility with old software, like the software that runs bank transactions or medical records. That code was written in the 70s and 80s and has never been updated, but it is still mission-critical. Newer solutions may not work as well for dozens of reasons. But if you’re not in that kind of situation, let Windows Update do its thing. If you are in that kind of situation, you should have an IT department because your company has been around for decades.
The Dirty Details
WannaCrypt is based on NSA information leaked by a group called “The Shadow Brokers”. They found a cache of documents and software tools designed for cyberwarfare and used by a group called “Equation”. Then, they released it. They kept some back, holding it “ransom” and asking for one million bitcoins – at the time of writing, one billion dollars. They then realized that they were asking for a billion dollars, lowered it to 10,000 bitcoins, and allowed people to “crowdfund” it with the hope of releasing it to the public. It would be better for the information to be public rather than in the hands of someone malicious, because even though malicious people can access it, the “good guys” can, too. You know, security researchers and the like.
The tools used in this attack were codenamed “EternalBlue” and “DoublePulsar”. EternalBlue is the exploit; it gains access through unpatched Windows code. DoublePulsar is what is termed the “payload”. It is a very sophisticated piece of software that leaves no trace of its existence once it is done. It is only possible to detect it after infection and before a reboot. No one understands exactly what it does yet, but researchers at CounterCept have made some progress. It can, however, inject arbitrary information into your system, and WannaCrypt took the opportunity to inject software that encrypts your hard drive and doesn’t give you the key.
In conclusion, patch your machine. If you don’t know how, that’s ok. We can help.
You can contact us with the linked form, or you can call us at 405-627-3168. We can set you up with a remote monitoring program and perform system updates for you, and provide antivirus. We can provide backup services. Act now, before you get hit by one of these worms. If it’s not WannaCrypt, it’ll be the next one. Hackers are only getting smarter.