Published: Fri, May 19, 2017
Hi-Tech | By Ellis Neal

WannaCry ransomware: 5 things you dint know about

"The size of the outbreak is indicative of the number of machines out there which have not been patched with security updates".

WannaCry seems to have attacked computers in Russian Federation first, after which the ransomware quickly spread to as much as 150 + countries and affected Microsoft computers. According to various resources, the attack affected many National Health Service (NHS) hospitals in England and Scotland, and up to 70,000 devices - including computers, MRI scanners, blood-storage refrigerators and theatre equipment - may have been affected. They allege that last week's WannaCry attack exploited a flaw that the USA government knew about and chose not to disclose, an identical situation to the Heartbleed virus that the National Security Administration knew about for around two years before researchers discovered it and announced it to the public.

The "kill" function halted WanaCryptor's ability to copy itself rapidly to all terminals in an infected system - hastening its crippling effect on a large network - once it was in contact with a secret internet address, or URL, consisting of a lengthy alphanumeric string. He immediately claimed the URL for himself, spending about $11 to secure his access, and that greatly slowed the pace of infections in Britain.

Below are a few excerpts from the article, "3 Steps to Protect Critical Business Data from WannaCry Ransomware Attack".

WanaCryptor 2.0 is only part of the problem. These ransomwares can easily infect the systems through spam and phishing, which accounts for 46% of the leading causes.

In the case of the Windows bug that led to the creation of WannaCrypt, Microsoft was alerted about it several months ago by the NSA, after hacking tools that the agency had developed were stolen and released on the web by another group of hackers.

According to numerous reports, WannaCry exploits a vulnerability in Microsoft Windows that was purportedly identified by the U.S. National Security Agency for its own intelligence-gathering purposes. Whatever its source, it was published on the internet last month by a hacker group called ShadowBrokers. World-affecting extortionists might be able to find the attention of the authorities through minimal effort and maximum casualties, as is evidenced with the WannaCry spread of ransomware.

WannaCry ransomware had spread using a loophole in Microsoft windows operating systems that were initially found by the United States national security agency (NSA), which according to reports was using it in order to find a way to hack networks of terrorist groups, and was leaked by Shadow Brokers, which said that it had found the tools in agency's servers which the group had breached earlier. Unfortunately, however, a new variant of the program is already in the wild.

The government held an emergency meeting Saturday of its crisis response committee, known as COBRA, to assess the damage. Linux, Mac or any unix based OS are not affected.

Ransomware is ideally used against large organizations and can meet the large ransom that is usually demanded of hackers. Moreover, an operating system built over a decade and a half is not designed for modern hardware or sophisticated attacks that are expected in 2017.

Like this: