Citing an elevated risk of cyber attacks, Microsoft has released several security updates during its June “Patch Tuesday” in an effort to protect against widespread hacking. A recent blog post by Adrienne Hall, General Manager of Microsoft’s Cyber Defense Operations Center, stated, “In reviewing the updates for this month, some vulnerabilities were identified that pose elevated risk of cyber attacks by government organizations, sometimes referred to as nation-state actors or other copycat organizations.”
In May 2017—after the WannaCry ransomware locked hundreds of thousands of machines around the world and demanded that victims paid a ransom in bitcoin—Microsoft was prompted to release updates for software that it no longer supports. This was an unexpected move that preceded more updates for old, outdated systems.
British security officials have recently linked the North Korean government to the creation of WannaCry, based on tactics, techniques and targets. The ransomware was originally built around a hacking tool belonging to the National Security Agency and spread through a flaw in Windows.
The Importance of Performing Updates
WannaCry is believed to be a flawed attempt to raise revenue for the North Korean regime, considering the hackers have not yet cashed in the $140,000 in bitcoin they stole. That is likely because the transactions are easy to track. Despite the failed attempt, one of the reasons why WannaCry was so powerful was because many of the facilities attacked hadn’t updated their software to patch holes in security.
The most recent security update includes patches to its Windows XP, Windows Vista and Server 2003 products, which are all unsupported but still widely used. Microsoft suggests customers enable Windows Update if they haven’t already.
Contact us if you have any further questions regarding how you can avoid disruptive business interruptions from cyber attacks.
© 2017 Zywave, Inc.