Cyber attack could spark lawsuits but not against Microsoft

The recent "WannaCry" attack was made possible by a flaw in the 15-year-old Windows XP operating system.

While many cyber policies would cover losses from WannaCry and related attacks and cyber coverage is growing more popular throughout the world, the United States is by far the biggest market for cyber insurance - but most of the problems with WannaCry have been reported in Europe and Asia, they say.

The malware has spread at a whopping pace reaching countries worldwide, with evidence of the malicious software found in more than 150 countries. This security patch was issued to help avoid spread of the Wannacry ransomware on the thousands of users still now using this dated operating system. This is to prevent the ransomware from using the unprotected Windows XP unit as a gateway.

While it's not clear what could have possibly prompted organisations to under-report the impact of WannaCry ransomware, this could well be a cost saving measure, but at the expense of data security.

In just four days, the WannaCry ransomware reeled in enough money to buy 8,750 servings of avocado toast (or maybe a modest house, if you're into that sort of thing). However, there were speculations that some banks in Kerala, Andhra Pradesh had got affected by the cyber attacks.

And the attack will lead to more non-U.S. companies buying cyber coverage, said Mr. Reagan of Marsh.

Should I pay the ransom?

"The governments of the world should treat this attack as a wake-up call". The ransomware attack will force hundreds of thousands of users of older versions of the Windows operating system to upgrade to recent versions such as Windows 10 Pro - which now retails on the Windows store for a sweet Rs 14,999.

Microsoft President and Chief Legal Officer Brad Smith blamed the NSA's practice of developing hacking methods to use against the USA government's own enemies.

Calling for a "Digital Geneva Convention", Microsoft's Smith said the widespread damage caused by the ransomware shows that governments need to treat cyber weapons the same way they treat conventional weapons.

The free update was released by Microsoft in March this year, a month before the NHS Digital notice was sent out.

"While this protected newer Windows systems and computers that had enabled Windows Update to apply this latest update, many computers remained unpatched globally", he said.

As the Guardian notes, the vulnerability does not exist within Microsoft's Windows 10, "but is present in all versions of Windows prior to that, dating back to Windows XP". Businesses in China had systems hijacked, Russia's interior ministry had 1,000 computers affected and at least one South Korean movie theater had issues playing trailers.

"We take every single cyber attack on a Windows system seriously, and we've been working around the clock since Friday to help all our customers who have been affected by this incident", Smith said.

While the attack did hit networks, the access point to those networks was through computers that had not been updated with a patch Microsoft released in March.

According to Symantec data, there were 463,841 ransomware attacks in 2016, up from 340,665 attacks in 2015, he said. Further, legal experts claim that this category of users suffering losses incurred from WannaCry will not be able to report losses due to the use of pirated software.

"As cybercriminals become more sophisticated, there is simply no way for customers to protect themselves against threats unless they update their systems", he stated.