As I’m sure some of you are aware, just over a week ago, the UK and many other countries suffered a Ransomware attack that coated the nation in chaos. It will go down in history as one of the world’s worst cyber-attacks, successfully reaching over 230,000 machines in over 150 countries worldwide. If you want to find out more about cyber-crime before we get started, you can check out this article here.
Like worm viruses in the early 2000’s, WannaCry took advantage of vulnerabilities in operation systems and used this to infect other machines. It prayed on those who refused to let their machines automatically update – the patch for disabling WannaCry was originally released on 14th March 2017 by Microsoft.
For the hackers, it only earn’t them a measly £60,000 In Bitcoin personally – but it was everyone else that suffered. Data breach costs of WannaCry are still slowly climbing, and are within the region of around $4M (£3.1M) according to Sailpoint. It is also a common misconception that the virus specifically targeted the NHS, but in fact, the NHS were one of hundreds of thousands of targets across the globe. All WannaCry did was highlight how insecure some of our healthcare organisations sectors really are. In total, just over 40 hospitals had their databases ripped to shreds by the virus, costing thousands of work hours and panicked minds.
Above – map of countries affected by WannaCry worldwide after just 3 days.
A few days after the initial attack, a 22 year-old, self taught malware specialist from MalwareTech managed to sinkhole the virus into a registered domain. The virus itself had a line of code imbedded within which asked itself whether the system it was infecting matched the domain it had in its memory. The website was extremely unlikely to ever be registered because of its obscure length, which was: http://iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com/ in case you were wondering (it’s safe to go onto the site, don’t worry). All that the hacker did was buy the exact domain displayed for just $10 and reinitiate the virus on that specific machine. The virus was given the red flag because the domain matched and the kill switch was engaged, shutting the virus down.
All that remains now on the website, is the company slogan.
As expected, sales of security software sky-rocketed after WannaCry. Although security measures should be taken, experts are ordering businesses and individuals to “Make cyber-security an active part of your strategy, not a reaction to a disaster”. As we approach a week on from the outbreak of WannaCry, it is a wakeup call to the dangers online. With any luck, the virus has help string the ears of the businesses of the world; big and small.
If you want to find out how to make sure your computer stays as secure as possible, you can learn more here. You can also attend our Cyber Security seminar this Friday- tickets here.