Officials in Mecklenburg , N.C. must make a difficult decision by 1 p.m . ET on Wednesday : They must choose whether to pay Attack.Ransom two bitcoins—currently worth about $ 25,000—to hackers who are holding the county ’ s computer files for ransom Attack.Ransom , [ Update : they refused to pay Attack.Ransom ] . The situation is the latest example of cyber criminals deploying Attack.Ransom a form of software known as ransomware , which freezes up files on a computer network until someone enters a decryption code to unlock them . Typically , the code can only be obtained by paying Attack.Ransom the hackers . An official for the county , which encompasses the city of Charlotte , said the ransomware was triggered when an employee clicked on an email attachment , and that it is wrecking havoc with daily operations : “ She said an example of the problem is the county ’ s code enforcement office , where much of the work is done electronically . Employees no longer have access to their records . But she said they are switching to paper records for work on Wednesday , ” according to the Charlotte Observer . The official also explained that the county faces a dilemma in deciding whether to pay Attack.Ransom . While paying the ransom Attack.Ransom may be the only way to obtain the decryption key , there is no guarantee the hackers will honor their commitment and provide the key . The anonymous hackers do not appear to have targeted Mecklenburg county in particular , but rather the official thinks the attack was launched as part of a broader money-making scheme involving ransomware . Similar attacks , which typically exploit old Microsoft software , struck millions of computers in two separate waves earlier this year , affecting everything from businesses to governments to hospitals . While most of the incidents occurred in Europe and Asia , U.S. organizations were hit too—including a transit system in Sacramento , Calif. and a hospital in Los Angeles .

Technology companies are starting to respond to a new Wi-Fi exploit affecting Vulnerability-related.DiscoverVulnerability all modern Wi-Fi networks using WPA or WPA2 encryption . The security vulnerabilities allow attackers to read Wi-Fi traffic between devices and wireless access points , and in some cases even modify it to inject malware into websites . Security researchers claim Vulnerability-related.DiscoverVulnerability devices running macOS , Windows , iOS , Android , and Linux will be affected Vulnerability-related.DiscoverVulnerability by the vulnerabilities . Microsoft says it has already fixed Vulnerability-related.PatchVulnerability the problem for customers running supported versions of Windows . “ We have released Vulnerability-related.PatchVulnerability a security update to address Vulnerability-related.PatchVulnerability this issue , ” says a Microsoft spokesperson in a statement to The Verge . “ Customers who apply Vulnerability-related.PatchVulnerability the update , or have automatic updates enabled , will be protected . We continue to encourage customers to turn on automatic updates to help ensure they are protected. ” Microsoft says the Windows updates released Vulnerability-related.PatchVulnerability on October 10th protect customers , and the company “ withheld disclosure Vulnerability-related.DiscoverVulnerability until other vendors could develop and release Vulnerability-related.PatchVulnerability updates. ” While it looks like Android and Linux devices are affected Vulnerability-related.DiscoverVulnerability by the worst part of the vulnerabilities , allowing attackers to manipulate websites , Google has promised Vulnerability-related.PatchVulnerability a fix for affected devices “ in the coming weeks. ” Google ’ s own Pixel devices will be the first to receive Vulnerability-related.PatchVulnerability fixes with security patch level of November 6 , 2017 , but most other handsets are still well behind even the latest updates . Security researchers claim Vulnerability-related.DiscoverVulnerability 41 percent of Android devices are vulnerable Vulnerability-related.DiscoverVulnerability to an “ exceptionally devastating ” variant of the Wi-Fi attack that involves manipulating traffic , and it will take time to patch Vulnerability-related.PatchVulnerability older devices . The Verge has reached out to a variety of Android phone makers to clarify when security patches will reach Vulnerability-related.PatchVulnerability handsets , and we ’ ll update you accordingly . At the time of writing , Apple has not yet clarified Vulnerability-related.DiscoverVulnerability whether the latest versions of macOS and iOS are vulnerable Vulnerability-related.DiscoverVulnerability . The Wi-Fi Alliance , a network of companies responsible for Wi-Fi , has responded to the disclosure Vulnerability-related.DiscoverVulnerability of the vulnerabilities . “ This issue can be resolved Vulnerability-related.PatchVulnerability through straightforward software updates , and the Wi-Fi industry , including major platform providers , has already started deploying Vulnerability-related.PatchVulnerability patches to Wi-Fi users , ” says a Wi-Fi Alliance spokesperson . “ Users can expect all their Wi-Fi devices , whether patched or unpatched Vulnerability-related.PatchVulnerability , to continue working well together. ” Apple also confirmed to both The Verge and AppleInsider that the vulnerability is patched Vulnerability-related.PatchVulnerability in a beta version of the current operating systems . The fix should go public Vulnerability-related.PatchVulnerability in a few weeks , so iOS and macOS devices are n't in the clear just yet . AppleInsider also reports that AirPort hardware , including the Time Machine , AirPort Extreme base station , and AirPort Express do not have a patch . The publication 's source also was n't sure if one was in the works .

A flaw in unpatched versions of Window 10 could leave machines vulnerable Vulnerability-related.DiscoverVulnerability to EternalBlue , the remote kernel exploit behind the recent WannaCry ransomware attack Attack.Ransom . WannaCry targeted a Server Message Block ( SMB ) critical vulnerability that Microsoft patched Vulnerability-related.PatchVulnerability with MS17-010 on March 14 , 2017 . While WannaCry damage Attack.Ransom was mostly limited to machines running Windows 7 , a different version of EternalBlue could infect Windows 10 . Researchers at RiskSense stripped the original leaked version of EternalBlue down to its essential components and deemed parts of the data unnecessary for exploitation . They found they could bypass detection rules recommended by governments and antivirus vendors , says RiskSense senior security researcher Sean Dillon . This version of EternalBlue , an exploit initially released by Shadow Brokers earlier this year , does not use the DoublePulsar payload common among other exploits leaked by the hacker group . DoublePulsar was the main implant used in WannaCry Attack.Ransom and a key focus for defenders . `` That backdoor is unnecessary , '' says Dillon , noting how it 's dangerous for businesses to only focus on DoublePulsar malware . `` This exploit could directly load malware onto the system without needing to install the backdoor . '' EternalBlue gives instant un-credentialed remote access to Windows machines without the MS17-010 patch update . While it 's difficult to port EternalBlue to additional versions of Windows , it 's not impossible . Unpatched Windows 10 machines are at risk , despite the fact that Microsoft 's newest OS receives exploit mitigations that earlier versions do n't . The slimmed-down EternalBlue can be ported to unpatched versions of Windows 10 and deliver stealthier payloads . An advanced malware would be able to target any Windows machine , broadening the spread of an attack like WannaCry , Dillon explains . It 's worth noting WannaCry was a blatant , obvious attack , he says , and other types of malware , like banking spyware and bitcoin miners , could more easily fly under the radar . `` These can infect a network and you wo n't know about it until years later , '' he says . `` It 's a threat to organizations that have been targets , like governments and corporations . Attackers may try to get onto these networks and lay dormant … then steal Attack.Databreach intellectual property or cause other damage . '' Dillon emphasizes the importance of updating Vulnerability-related.PatchVulnerability to the latest version of Windows 10 , but says patching Vulnerability-related.PatchVulnerability alone wo n't give complete protection from this kind of threat . Businesses with SMB facing the Internet should also put up firewalls , and set up VPN access for users who need external access to the internal network . Businesses should have a good inventory of software and devices on their networks , along with processes for identifying and deploying Vulnerability-related.PatchVulnerability patches as they are released Vulnerability-related.PatchVulnerability , says Craig Young , computer security researcher for Tripwire 's Vulnerability and Exposures Research Team ( VERT ) . This will become even more critical as attackers move quickly from patch to exploit . There will always be a window of opportunity for attackers before the right patches are installed Vulnerability-related.PatchVulnerability , Young notes . EternalBlue is a `` very fresh vulnerability '' given that most breaches that use exploits leverage flaws that have been publicly known Vulnerability-related.DiscoverVulnerability for an average of two years or more . `` EternalBlue is a particularly reliable exploit that gives access to execute code at the very highest privilege level , so I would expect that hackers and penetration testers will get a lot of use out of it for years to come , '' he says .