'WannaCry' ransomware attack may be just the beginning

Last week’s major ransomware attack that reached an estimated 200,000 computers around the world could be just a prologue for wider infection, especially since it’s unclear how many people around the world are discovering today that their machines have been compromised.

Efforts to turn back the worm — variously called “WannaCry” or “WannaCrypt” — could be made even more complicated by the emergence of variations that work around a temporary fix, the BBC reported this weekend.

Machines with Microsoft (NASDAQ: MSFT) operating systems that haven’t been updated with a specific patch are vulnerable to the worm, which encrypts most of the files on an infected computer and demands payment of $300 in bitcoin to get back a key to release those files.

The BBC quoted the security researcher whose early actions helped limit the infection's spread, with that researcher saying it’s likely a similar attack is coming soon, if not today. That’s because his “fix” relied on activating an external “kill switch” that was hard-coded into the worm, but future variations could easily change that element, he told the BBC. The only permanent solution is to install Microsoft’s patch, he said.

For its part, Microsoft posted a statement on Sunday connecting the worm to an exploit stolen from the National Security Agency earlier this year. That statement added that “this attack provides yet another example of why the stockpiling of vulnerabilities by governments is such a problem,” and compared these digital tools’ theft with “the U.S. military having some of its Tomahawk missiles stolen.”

http://www.bizjournals.com/seattle/news/news-wire/2017/05/15/wannacry-ransomware-attack-may-be-just-the.html?ana=e_ae_set5&s=article_du&ed=2017-05-15&u=ColXVN5SPzQtLHFP87ho2w07857290&t=1494892825&j=78176481