Technology
Ransomware threat: Get patched, find a firewall or upgrade fast
It was coming. On March 14 this year, Microsoft released a security update which addressed the vulnerability in the 16-year-old Windows XP operating system that the hackers behind the massive ransomware attack exploited and created havoc in 150 countries.
 
The vulnerability in the Microsoft Windows software -- exploited by "WannaCrypt" -- crippled computers from hospitals in Britain to police stations in India, with hackers demanding hundreds of dollars from the users for them to regain control over their data.
 
Once Microsoft released the patch for the vulnerability -- exploited by hacker group "Shadow Brokers" after stealing a software from the US National Security Agency (NSA) -- some Window XP users installed the update called "Microsoft Security Bulletin MS17-010" on their desktops and laptops. 
 
But several didn't. 
 
There are nearly 150 million computers running Windows XP operation system globally. Those who didn't pay heed to the Windows XP patch are the ones who have fallen prey to the world's biggest ransomware attack.
 
Microsoft which had discontiued security updates to its out-of-date software, has also provided a security update for all customers using Windows 8 and Windows Server 2003, anticipating further attacks on these earlier platforms being used by millions.
 
According to the company, "customers who are running supported versions of the operating system (Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows 8.1, Windows Server 2012, Windows 10, Windows Server 2012 R2, Windows Server 2016) will have received the security update MS17-010 in March. 
 
"If customers have automatic updates enabled or have installed the update, they are protected. For other customers, we encourage them to install the update as soon as possible," said Phillip Misner, Principal Security Group Manager, Microsoft Security Response Centre, in a statement.
 
Meanwhile, "WannaCrypt" locked up machines, encrypted files and demanded approximately $600 in Bitcoin for a recovery key.
 
According to global cyber security firms, paying heed to updates can only save your data from being put to ransom.
 
"Install the official patch from Microsoft that closes the vulnerability used in the attack. Ensure that security solutions are switched on all nodes of the network. If Kaspersky Lab's solution is used, ensure that it includes the 'System Watcher', a behavioural proactive detection component and that it is switched on," Altaf Halde, Managing Director of Kaspersky Lab (South Asia), told IANS.
 
"Run the 'Critical Area Scan' task in Kaspersky Lab's solution to detect possible infection as soon as possible (otherwise it will be detected automatically, if not switched off, within 24 hours)," he added.
 
According to Subhendu Sahu, Acting Country Manager for India, FireEye, the ransomware poses high risks to organisations using potentially vulnerable Windows machines. 
 
"We can certainly expect follow-on attacks. Organisations seeking to take risk management steps related to this campaign should install the latest Windows patches. They should also use the indicators of compromise which are associated with this activity. FireEye has also taken steps to help secure its customers," Sahu told IANS.
 
As investigators were working to track down those responsible for the ransomware attack, Microsoft President and Chief Legal Officer Brad Smith said the governments should treat this attack as a "wake-up call".
 
The news led software security providers to ramp up anti-malware software.
 
"Upon learning of these incidents, McAfee quickly began working to analyse samples of the ransomware and develop mitigation guidance and detection updates for its customers. McAfee has subsequently provided DAT (that contain data in text or binary format) updates to all its customers and provided them and the public further analysis on the attacks," Ian Yip, Chief Technology Officer, Asia Pacific, McAfee, told IANS.
 
If you are a home Windows XP user, patch immediately follow up with an upgrade. If you are running a vulnerable system and cannot install the patch for some reason, try doing the following:
 
"Disable SMBv1 (a server component) with the steps documented at 'Microsoft Knowledge Base Article 2696547' and as recommended previously. Consider adding a rule on your router or firewall to block incoming Server Message Block (SMB) traffic on port 445," said a report in the technology website Engadget.
 
"This is big and set to get bigger. We haven't seen anything like this since Conficker in 2008," Amit Nath, Head of Asia Pacific-Corporate Business at cyber security firm F-Secure Corporation, told IANS.
 
The Conficker worm infected millions of computers including government, business and home computers in over 190 countries.
 
Always make sure your files are backed up. 
 
"That way, if they become compromised in a ransomware attack, you can wipe your disk drive clean and restore the data from the backup. Using Cloud storage with anti-virus scanning abilities to share files will help users to mitigate any possible threats," suggested Anand Ramamoorthy, Managing Director, South Asia, McAfee.
 
Remember this: "WannaCrypt" probably won't work across the internet for PCs behind a firewall or router.
 
"But if a server is connected directly to the internet or a PC is on the same network as an infected computer, it can spread quickly -- which is exactly what has happened," the Engadget report added.
 
Disclaimer: Information, facts or opinions expressed in this news article are presented as sourced from IANS and do not reflect views of Moneylife and hence Moneylife is not responsible or liable for the same. As a source and news provider, IANS is responsible for accuracy, completeness, suitability and validity of any information in this article.

 

User

Ransomware emerges as most dangerous cyber threat yet
As the world struggles to tame the massive "WannaCrypt" attack, ransomware has emerged as the most dangerous cyber threat for both organisations and individuals in recent months, with global losses now likely running into hundreds of millions of dollars.
 
Ransomware is a malicious software that locks a connected device, such as a computer, tablet or smartphone and then demands a ransom to unlock it.
 
According to Norton by Symantec, one of the global leaders in cyber security software, there was a 36 per cent increase in the ransomware attacks in 2016 and the ransomware families have grown three times -- from 30 in 2014 to 101 in 2016.
 
"In 2016, we identified over 100 new malware families released into the wild, more than triple the amount seen previously, and a 36 per cent increase in ransomware attacks worldwide," Tarun Kaura, Director, Solutions Product Management, Asia Pacific & Japan, Symantec told IANS.
 
India alone faces 4 per cent of the total ransomware attacks while the US is most affected, with 34 per cent of the ransomware attacks globally.
 
India has been ranked fifth in terms of global threat rank by destination, with 3.8 per cent global threat detection.
 
"Over 180 Indian companies were victims of 'ransomware' -- or online extortion schemes -- in the first six months of 2016," said Trend Micro Incorporated, a global leader in security software and solutions.
 
While most major ransomware groups tend to be indiscriminate in their attacks, consumers are often less likely to have robust security in place, increasing the possibility of falling victim. 
 
"The average ransom demanded globally by attackers also saw an upward spike this year. The average ransom demanded to date in 2016 more than doubled from Rs 19,670 in 2015 to Rs. 45,428," a recent Norton by Symantec study highlighted.
 
"WannaCrypt" -- the ransomware malware used in Friday's massive cyber attack -- has the ability to spread itself within corporate networks, without user interaction, by exploiting a known vulnerability in Microsoft Windows. 
 
Computers which do not have the latest Windows security updates are at the risk of infection.
 
Disclaimer: Information, facts or opinions expressed in this news article are presented as sourced from IANS and do not reflect views of Moneylife and hence Moneylife is not responsible or liable for the same. As a source and news provider, IANS is responsible for accuracy, completeness, suitability and validity of any information in this article.

 

User

Nifty, Sensex headed higher – Monday closing report
We had mentioned in Friday’s closing report that Nifty, Sensex were getting overbought. The major indices of the Indian stock markets were range-bound on Monday and closed with small gains of around 0.50% over Friday’s close. The trends of the major indices in the course of Monday’s trading are given in the table below:
 
Positive domestic macro-economic data and a strong rupee cheered the Indian equity markets on Monday. Investors' sentiments were buoyed by official data released after market hours on Friday -- Wholesale Price Index (WPI) and Consumer Price Index (CPI) -- which showed that inflation eased in April. The data on annual rate of inflation was calculated on a revised base year of 2011-12. However, India's factory output growth slowed to 2.7% in March on the back of poor manufacturing performance in the new Index of Industrial Production (IIP) with revised base year of 2011-12. The key indices traded with gains of close to half a per cent each during the mid-afternoon trade session, as buying was witnessed in banking, metal and healthcare stocks.
 
Equity benchmark indices started off the first day of the week on a firm note tracking positive macro-economic data. Appreciation of the rupee against the US dollar also supported the firm opening of the equity markets, according to market analysts. Most banking stocks traded with firm sentiments lead by Kotak Bank. Auto, power, oil-gas and cement sector stocks complemented the firmness of the markets, pointed our market analysts.
 
In a survey conducted during March and April 2017, industry chamber Federation of Indian Chambers of Commerce and Industry (FICCI) predicted India's gross domestic product (GDP) growth will be around 7.4% for fiscal 2017-18, with a minimum and maximum level of 7% and 7.6% respectively. Reasoning out the growth, FICCI's Economic Outlook Survey said: "While agricultural sector is estimated to clock 3.5% growth in 2017-18; the pick-up in overall GDP growth will also be supported by an improvement in industry and services sector growth. The industry and services sector are expected to grow by 6.9% and 8.4% respectively in 2017-18.” The survey was conducted amongst economists belonging to the industry, banking and financial services sector and the participants feel that with the process of re-monetisation almost complete, consumption activity has witnessed an uptick and will further build up going ahead. Also, the India Meteorological Department's latest forecast of monsoon arriving on time and being sufficient provides some reprieve amidst earlier reports of the El Nino having a dampening effect this year. Overall, macroeconomic trends in India project a long term bullish trend in the Indian stock markets.
 
Thousands of commuters in Tamil Nadu were stranded on Monday as transport workers unions began an indefinite strike pressing for higher wages. The transport corporation workers unions began their indefinite strike from Sunday midnight to press for higher wages and perks to combat rising inflation and price rise. Very few staff members arrived for duty at the bus depots, resulting in most of the long-distance inter-state public transport services getting crippled. On Monday, students who had to appear for an examination at 10 a.m. lamented as their daily commute took around two hours. Listed corporate entities with manufacturing facilities in Tamil Nadu are likely to vibrate in line with the labour and infrastructure problems in the state and show poorer quarterly corporate earnings.
 
Private sector lender ICICI Bank on Monday said that it has reduced interest rates by up to 30 basis points (bps) for home loans of up to Rs30 lakh. "With this reduction, salaried borrowers can avail home loans at among the lowest rates in the industry. Salaried women borrowers will get home loans at 8.35% and others at 8.40%," the private sector lender said in a statement.  According to ICICI Bank, customers from economically weaker section (EWS) and low income group (LIG) can avail the dual benefit of low interest rates and credit linked subsidy under the Pradhan Mantri Awas Yojana. ICICI Bank shares closed at Rs302.05, up 1.82% on the BSE.
 
China's retail sales, a key indicator of consumption, grew 10.7% year on year in April, 0.2 percentage points slower than the March level, official data showed on Monday. Total retail sales of consumer goods hit 2.73 trillion yuan ($395.4 billion) last month, Xinhua news agency cited the National Bureau of Statistics (NBS) as saying. It increased 0.79% month on month. In the first four months, total retail sales of consumer goods rose 10.2% year on year, 0.2% points faster than the growth in the first quarter, according to Xing Zhihong, a spokesperson with the NBS. Consumption activities were relatively stronger in rural areas, with retail sales expanding 12.6% in April, outpacing urban areas, where retail sales climbed 10.4% year on year. Online spending was robust. From January to April, online retail sales surged 32% year on year to 1.92 trillion yuan. Xing said the April figure indicates continued expansion of domestic consumer demand, which was partly driven by consumption upgrades and new business patterns such as online sales. China is trying to shift its economy toward a growth model driven by consumer spending, innovation and services, while weaning it off reliance on exports and investment.  Chinese stock market indices are on a long term bullish trend and are important to the Indian stock markets as they close early in the trading day for our stock markets.
 
News from US markets was also not good on Friday amidst negative news on the political front with the FBI director’s termination from work. According to Reuters, “The U.S. benchmark S&P 500 stock index and the Dow edged lower as tepid economic data weighed on banks and worries deepened over Nordstrom Inc (JWN.N), J.C. Penney (JCP.N) and other department stores after weak earnings reports.  The S&P closed lower and fell for the first week in four as weak economic data weighed on financial shares.”
 
The top gainers and top losers of the major indices are given in the table below:
 
 The closing values of the major Asian indices are given in the table below:
 

User

We are listening!

Solve the equation and enter in the Captcha field.
  Loading...
Close

To continue


Please
Sign Up or Sign In
with

Email
Close

To continue


Please
Sign Up or Sign In
with

Email

BUY NOW

The Scam
24 Year Of The Scam: The Perennial Bestseller, reads like a Thriller!
Moneylife Magazine
Fiercely independent and pro-consumer information on personal finance
Stockletters in 3 Flavours
Outstanding research that beats mutual funds year after year
MAS: Complete Online Financial Advisory
(Includes Moneylife Magazine and Lion Stockletter)