The deadly WannaCry ransomware, which crippled government-run websites and major corporations globally, spanning more than 150 countries earlier in the year, was the handiwork of North Korea, says Microsoft head.
Even though North Korea and Russia were widely reported of carrying out the WannaCry attack, there was neither tangible evidence nor publicly acknowledged by affected country governments or companies to prove their involvement.
Also read: Cyber Attack Alert: nRansomware demands your nude photos to recover locked files; here's how to safeguard your PCs
For the first time, Brad Smith, president of Microsoft in an interview with ITV news confirmed that Pyongyang-based hackers, understood to have stolen the US-based NIA (National Intelligence Agency)'s tools (Eternal Blue), attacked the global computer networks via WannaCry ransonmware.
Smith observed that the cyber attacks have increased more in 2017 than ever before and attributes to the fact that more and more people are now accessing the digital networks across the world and some emerging countries are not equipped (in terms of security infrastructure) enough to predict and mitigate the hacking.
In order to control future threats, Smith has called for world leaders to form a global consortium on lines of Geneva Convention of 1949, which if created, will make hacking of foreign governments and private citizens, other related cyber crimes, a violation of International law and invite severe sanctions to culprit nations.
In the interview, Smith also gave Microsoft the benefit of the doubt for its Windows XP software, which was in the midst of the storm over the lack of security patch and caused the WannaCry spread globally.
During the May attack, US-based NHS (National Health Services) and other corporate companies were using systems with the Windows XP. Just a few months back, Microsoft had discontinued technical support to the aforementioned operating system and urged clients to upgrade to newer and safer Windows 10 series, but the government agencies and private firms, in their bid to control costs, continued to use the out-dated software and paid a heavy cost.
Considering the severity of the situation, Microsoft released the security software patch to all the Windows XP systems and finally controlled the spread of WannaCry.
"We repeatedly asked people, we explained to people, we virtually pleaded with people 'please don't rely on software that now belongs in a museum," Brad Smith told ITV.
Here's how to protect your PCs from ransomware and malwares:
- Always keep your PCs updated with latest firmware; most software companies including Microsoft and Apple usually send software updates regularly in terms of weekly or monthly and make sure to update them immediately
- Make sure to use premium Anti-virus software, which also provides malware protection and Internet security
- Never open email sent from unknown senders
- Disable ActiveX content in Microsoft Office applications such as Word, Excel, etc.
- Disable remote Desktop Connections, employ least-privileged accounts. Limit users who can log in using Remote Desktop, set an account lockout policy. Ensure proper RDP logging and configurations
- Never install plugins (for browsers) and application softwares on the PCs from un-familiar publishers
- System administrators in corporate companies should establish a Sender Policy Framework (SPF) for their domain, which is an email validation system designed to prevent spam by detecting email spoofing by which most of the ransomware samples successfully reaches the corporate email boxes.
Additional security measures that may be considered by system administrators:
- Use RDP Gateways for better management
- Change the listening port for Remote Desktop
- Tunnel Remote Desktop connections through IPSec or SSH
- Two-factor authentication may also be considered for highly critical systems