WannaCry Ransomware Shakes the World
Last May, the threat of ransomware jumped into public focus as an attack raged across cyberspace. 150 countries were hit as files from over 240,000 private and public computers were taken hostage. Users across the globe, from South Korea to Great Britain, were helpless as a ransomware attacked. The virus, dubbed “WannaCry”, locked their files and demanded the equivalence of $300 USD in bitcoin for their safe return. The attack was so rampant, cybersecurity expert Matthieu Suiche called it a “bloodbath.”
This malicious virus targeted vulnerabilities in Microsoft Windows computers that hadn’t been updated with security patches in quite some time. People and companies with dated software were most vulnerable, like the National Health Service, where almost 90 percent of its computers ran on decades old software. European law enforcement stated the victims could have been spared had they kept up to date on the latest security patches. Microsoft released an emergency patch to protect Windows XP devices, even though the company hasn’t supported XP since 2014.
In the meantime, security experts warned against paying the ransom, as there was no guarantee users would even get their files back, In fact, cybersecurity firm Checkpoint reported that, unlike other ransomware attacks, the WannaCry malware program didn’t include a way to trace from what computer a payment came. Additional reports estimate the hackers only saw around $50,000 in ransom payments, which is nothing to sneeze at. However, considering a quarter of a million computers were affected, this is a painfully small payment for such a large attack.
WannaCry might have been able to cause more damage had it not been for the “happy accident” of a clever malware analysis expert who calls himself MalwareTech. As WannaCry swept the globe, MalwareTech reverse-engineered the virus and found its programmers built in a nonsense URL into the code. For $10.69, MalwareTech registered the URL domain to himself and it shut down the entire attack.
Users everywhere were relieved; but it’s not over yet. In a tweet, MalwareTech warned people that it’s very likely the next version of WannaCry won’t have the killswitch and encouraged people to make sure their software is updated with the latest security patches. More importantly, we need to remember WannaCry is far from the only ransomware attack waiting on the internet. Learn what you need to know to protect your computer from ransomware at sklartechnology.com/ransomware-wouldyou-pay.