Who's to blame for ransomware attack?

Meanwhile, as Microsoft argued, the government's practice of stockpiling exploits and keeping them secret makes it all the more risky when they're leaked.

A United Kingdom -based security researcher who goes by the name MalwareTech put a stop to the spread of WannaCry on Friday by registering a domain name he discovered in the ransomware's code.

The ransomware took advantage of a flaw in Microsoft's Windows operating system.

Writing on the company's website, Microsoft's president and chief legal officer Brad Smith gave a post-mortem of last Friday's "WannaCrypt" cyber-attack, which spread across the world thanks to a database of exploits stolen from the US' National Security Agency (NSA). He described what the WannaCry malware doing now and how it invades computers through an old loophole on Microsoft Windows.

"This attack provides yet another example of why the stockpiling of vulnerabilities by governments is such a problem", he said.

The WannaCry ransomware appears to only attack unpatched computers running Windows 10.

Fallon finds similarities between Trump, 'Legally Blonde' commencement speeches
Trump says: "You must go forth into the world. passion, courage in your conviction, most importantly be true to yourself". Trump began his speech by telling students to "chase their dreams" before dipping into familiar territory.


They know it is not a good look to be caught out by ransomware hackers. The web address was a long string of meaningless letters - a domain name that wasn't registered to anyone. Other than that, there are some decryption tools that claim to decrypt the files that the ransomware have locked down.

Moreover, with rampant piracy in the country, higher usage of unlicensed software could make the situation worse, they warned. But Darien Huss, a ProofPoint researcher in IN, confirmed that what MalwareTech had actually triggered was a "kill switch" that instructed WannaCry to stop spreading.

A FedEx spokesperson confirmed to ABC News that it was among the victims of the attack.

Those tools were part of a large cache of older NSA data that was stolen sometime over the past few years. Why would somebody do this?

The WannaCry attack took over computer systems, caused them to freeze, and displayed the message, "Oops, your files have been encrypted!" It's also possible, according to ProofPoint, that the attackers didn't mean to release the malware this soon, or this broadly, and were just as surprised at its rapid spread as everyone else.

Meanwhile in Hong Kong, the ransomware reportedly affected devices belonging to three individuals, who had not installed the latest security updates on their Windows 7 operating system, and were directly connected to the internet.

  • Delia Davidson