Malware that attacks unsupported or unpatched Microsoft software started making the rounds today.
Just some of the coverage:
Malware Stolen From The NSA Cripples Computers In 74 Countries (And Counting)
Massive ransomware cyber-attack hits computers in 74 countries
Cyber-attack hits 74 countries with UK hospitals among targets – live updates
Cyberattack Hits Dozen Nations ‘Using Leaked NSA Hacking Tool’
Massive ransomware attack hits 99 countries
Criminals used leaked NSA cyberweapon in crippling ransomware attack, experts say
Global cyberattack disrupts shipper FedEx, UK health system
Hackers use leaked NSA bug in massive global cyber attack
Wanna Decrypter 2.0 ransomware attack: what you need to know
Wana Decrypt0r Ransomware Using NSA Exploit Leaked by Shadow Brokers Is on a Rampage
You will see phrases like “weapons grade malware,” “NSA exploit,” “NSA cyberweapon,” etc., and many others over the coming days.
It will be mentioned but few consequences will be seen for managers who practiced false economy, in not upgrading their Microsoft systems in a timely fashion.
It is equally unlikely that sysadmins will suffer for their failure to patch currently supported Microsoft systems in a timely manner.
Given those two likely outcomes, the next “massive global cyber attack,” is a question of when, not if. Managers will continue to practice false economies and sysadmins won’t follow good patching practices.
My suggestions:
- Upgrade to supported Microsoft software.
- Implement and audit patch application.
- Buy Microsoft stock.
The first two will help keep you safe and the third one will enable you to profit from the periodic panics among unsupported Microsoft software users.