“Wanna cry” something that make us furious in the last few weeks. It was the largest ransomware attack in the internet history. It has been making rounds in May 2017. It infects the windows machines, encrypt the files, ask for ransomware and spread like a worm. Wanna cry has victimized at least 200,000 users more than in 100,000 organizations worldwide including UK’s National Health Service (NHS), FedEx, Chinese Universities, Russia’s interior ministry and they end up seeing a message like this (figure 1) asking money to decrypt your files.
The worst part of the attack was they targeted the oldest versions of Windows like windows 7 and windows XP which is unsupported since April 2014, where no patches were introduced recently. SMB (server message block – provides a method for client application in a computer to read and write files on and to request services from server programs in a computer network) protocol vulnerability was the target of wanna cry attack which is not available in systems released since windows 8. Even though Microsoft is updating their systems frequently there are still millions of XP users vulnerable not only to latest ransomware but also to dozens of other vulnerabilities like botnets, spyware etc. After wanna cry attack Microsoft introduced an emergency XP patch, but still too late. It has already infected many machines worldwide.
So, Is Microsoft to be blame for the attack for not introducing patches for older versions of Windows? Or the users who did not upgrade their systems including the patches that were introduced recently. Most of the software updates are not supported by the existing hardware. So the upgrading process should go hand in hand with both hardware and software. And as users we should keep in mind that we are not stuck behind in the technology storm.