12 May 2017

A new case of ransomware affects thousands of companies around the world

Today May 12, 2017, companies such as Telefónica and The  Britain's health system have been affected by this new ransomware attack, causing the failure of the systems due these viruses encrypt all data in computers and ask for a bailout to unlock them. Current estimates speak of an involvement of 74 countries and more than 36,000 recorded cases.

A new case of ransomware affects thousands of companies around the world
The ransomware intends to encrypt the files of the computers to request a rescue, in currency BitCoin, a cryptographic currency that can be traced. As usual, has distributor through a massive email that claimed to be legitimate and linking with an address for download. Due to its novelty, it was not detected by many antivirus programs yet.
This time the novelty has been that ransomware took advantage of a vulnerability of Microft Windows to expand to other computers of the same network. This vulnerability is known as Ethernalblue and was fixed with Microsoft Update MS017-10 dated March 15, 2017,

This update has been made for all operating systems in support of Microsoft, from Windows Vista to Windows 10 in all the respective versions (1511, 1603, 1703).

Unfortunately, not all users and companies have automatic updates enabled for several reasons: compatibility, reliability, etc; And this fact has been exploited that this ransomware to propagate within the local networks.

However, this attack brings to light that this vulnerability has been known for some time by the US National Security Agency (NSA); And was only communicated to the public when a group called The Shadow Brokers (the mysterious person or group that in recent months has leaked a value of gigabytes of  software exploits weapons from the National Security Agency) made it known few months ago.

Microsoft reacted in a few days took out the correction, but it seems that these updates have not arrived on time to many users and companies.

Anyway, it is also being announced that this news has taken a sensational and the real affect is not so much, but emergency measures to prevent damages taken by companies as Telefónica can have exaggerated its gravity.

On the case of Telefónica, there is an excellent description of what happened (in spanish), written by one of the security gurus in Spain, Chema Alonso at

http://www.elladodelmal.com/2017/05/el-translation-wannacry.html?m=1

06-09-2018

Solucionar el error 550 Acceso denegado – Invalid Helo name

30-07-2018

New domain hiring scam: OEDM – Oficina Espanol Dominios y Marcas.

12-05-2017

A new case of ransomware affects thousands of companies around the world

22-10-2016

On October 21, a cyber attack against the company Dyn pull down the major internet compani...

29-08-2016

Outlook 2016 does not synchronize IMAP folders

17-02-2016

"Locky" the new ransomware appeared on February 16th, 2016

29-07-2015

Windows 10 arrived !

25-09-2014

Shellshock Bash Bug: Descobert un error de seguretat que afecta a gran part dels equips Li...

01-07-2014

Desenvolupaments web amb disseny adaptatiu.

18-06-2014

Vulnerabilitat de xarxes Wifi

CONTACT

We are at your disposal

Map

Contact form

Fields with an * are mandatory

Write here you name and surname

Write here a correct e-mail address

ex: +34 (977 999 999)

Addresses

Vallvera 5, 4rt 2a 43800 Valls
977 614 092
info@softecnia.es