About a million Windows users could be at risk of a highly spreadable ransomware attack, experts fear could be as troubling as the 2017 WannaCry cyberattack.
Concerns surrounding the potential severity of BlueKeep has prompted New Zealand’s Cyber Security Centre and Microsoft to issue urgent warnings for users to update their operating systems.
Microsoft says any operating system earlier than Windows 8 is at risk with internet security company AVG warning users to check if their operating system is ‘dangerously out of date’.
Microsoft alerted users to BlueKeep earlier this year, but have warned more than a million computers are still vulnerable.
The vulnerability involves a common Windows protocol, which can allow hackers to remotely takeover a computer without any input from the machine’s owner.
The simplicity of BlueKeep means it can potentially hit thousands of computers.
Microsoft lists BlueKeep as a 9.8 out of 10 in threat severity, prompting its director of security to compare it to WannaCry.
In 2017 WannCry hit Windows computers globally and resulted in more than 300,000 being infected with the ransomware worm.
That cybervirus spread rapidly to the point where the UK National Health Service and European telecommunications and automotive services were affected.
CERT NZ has recommended Kiwis update their operating sysem as soon as possible, saying once you have updated your software you are no longer at risk.
Windows 7, XP, Windows Server 2008 R2, and Windows Server 2008 and out-of-support systems including Windows 2003 are affected, while Windows 8 and 10 are not, according to CERT NZ.
Australia’s Cyber Security Centre estimates WannaCry cost the global economy hundreds of millions in lost revenue and repair bills.
More than a year later MalwareBytes revealed WannaCry was still impacting thousands of Australian computer users and millions globally.
In 2018, it found 3388 cases of WannaCry on Australian systems but said globally that number was closer to three million computers.
Microsoft says BlueKeep is able to ‘worm’ its way into computer systems with no owner interaction at all.
ACSC warned last month, adding BlueKeep has the potential for “significant, widespread harm around the world.”
“The BlueKeep vulnerability is readily available to cyber criminals who seek to exploit vulnerable systems en masse. These criminal groups are not necessarily targeting unsuspecting users; they’re simply sweeping the landscape for vulnerable, outdated systems that are easily penetrable.”
/arc-anglerfish-syd-prod-nzme.s3.amazonaws.com/public/JMEMDUUN3JAGHANNNMRZ6JPVMY.jpg)
HOW TO PROTECT YOURSELF
Microsoft warns up to one million computers connected directly to the internet are vulnerable to BlueKeep.
The tech company is offering fixes for vulnerable operating systems, including Windows 7, Windows Server 2008 R2, and Windows Server 2008 and out-of-support systems including Windows 2003 and Window XP. Windows 10 is not affected.
“If you’re using Windows 7, we recommend you update your Windows software as soon as possible,” CERT NZ says.
“If you’re using Windows XP, we recommend you upgrade to a new version of Windows.
these updates will not happen automatically, it is important that users of these systems update them manually.
“If you’re using Windows 8 or Windows 10, you don’t need to do anything as these systems are not affected. CERT NZ recommends you turn on automatic updates so that future software updates can happen automatically.”
WHAT IF I IGNORE IT?
British cybersecurity firm Sophos released a video to show the severity of BlueKeep stressing it can take over a computer without any authentication.
The Sophos video shows how hackers can easily get full control of a computer without needing to deploy malware.
The IT firm warns BlueKeep is highly ‘wormable’, meaning if hackers can successfully get into one system, they can then easily takeover other systems.
Online security companies such as McAfee have also warned against BlueKeep in multiple blogs.
To read the original article:
https://www.nzherald.co.nz/business/news/article.cfm?c_id=3&objectid=12247740