The WannaCry Attack Was Years in the Making


Traditionally, ransomware has merely been a minor hindrance, though it has the potential to be costly. The method behind the madness is actually quite simple. Ransomware is a particularly intrusive form of malware that locks down your computer and prevents users from doing certain activities, like opening a Web browser or accessing the Internet entirely.

In order to remove the ransomware, you must pay a sum to the developers who created it to regain full control of your computer. Of course, it doesn’t always work out that way. Most of the time, ransomware victims are lucky to ever recover access to their computers and related data.

Some of the worst ransomware has been known to encrypt and destroy data, making it more dangerous than other forms of the attack.

Last week, however, a truly nasty and unprecedented form of ransomware — fittingly named WannaCry — was able to infect more than 70,000 machines around the world within just a few hours. Worse yet, some of the affected systems belonged to hospitals. The ransomware actually prevented doctors and nurses from providing aid to their patients, some of whom were in need of dire medical attention.

But the ransomware did a lot more damage than that. It also infected the systems of a telecom company in Spain, UK-based FedEx offices and even the Russian Interior Ministry.

WannaCry caused an unprecedented amount of damage in just under half a day. There were hundreds of thousands of infected machines spread across various industries and six continents. The attackers bet on the fact that businesses rely on multiple computers at any given point during the day, and that many of those affected would be willing to pay for their freedom. Especially in the case of the compromised hospitals, there was no question that it was necessary to regain control of the computers that would allow lifesaving medical care.

In the wake of WannaCry, people worldwide are wondering: how did this interference happen, and how is something like this even possible?

How Did It Happen?

WannaCry doesn’t operate like you’d expect. That is, it’s not a seedy application or form of spam that self-installs on your computer because you clicked a bad link. It spreads, on its own, through a rather obscure Windows exploit that was only just recently patched by Microsoft engineers. The vulnerability in question is called ExternalBlue, and is the same one the NSA uses as a backdoor.

Yes, that means if you haven’t installed any recent Windows updates — specifically, Security Patch MS17 - 010 - Critical, you should take care of that as soon as possible.

The long and short of it is that, once hackers deployed the virus or ransomware, it targeted Microsoft servers running a file-sharing protocol. Any servers that had not been updated with the security patch after March 14 were quickly infected.

The attackers exploited the vulnerability to drop a payload called DoublePulsar, which included WannaCry. As soon as the first computers became infected, the ransomware began to spread like wildfire, and the rest is history.

This cautionary example goes to show just how important it is to keep both your personal and business computers updated — and not just dismiss update notifications.

How Long Has This Been in the Making?

It’s difficult to know how and when WannaCry was originally developed. What we do know for sure is that this entire event was preventable, which makes circumstances that much more unfortunate.

For decades, experts have warned us about cybersecurity and data risks. We’ve discussed the semantics of online privacy and how to protect ourselves. It seems like nearly every day, there’s a new article with tips on how to protect yourself and your data.

If there’s one key take away from the WannaCry exploit, it’s that all these warnings are absolutely pointless if no one is listening. The negligence and disregard for security have allowed such an exploit to spread so openly. Microsoft clearly did its part. The company patched the vulnerability by releasing an update, and the owners of infected machines simply had to install it, but clearly, that didn’t happen.

Think of all those software applications and mobile apps you’ve installed, but never updated. Believe it or not, many times those updates involve patches and improvements to prevent security breaches like this from happening.

It’s about time we all start taking cybersecurity more seriously, and that includes all of us doing our part to prevent another attack of this scale.

Edited by Alicia Young
Get stories like this delivered straight to your inbox. [Free eNews Subscription]

Contributing Writer

Related Articles

Protecting Your Digital Fortress Through Threat Exposure Management

By: Contributing Writer    5/23/2024

In today's digital landscape, cybersecurity threats loom large, posing significant risks to businesses, organizations, and individuals alike. With the…

Read More

Why Block Websites? Understanding the Reasons

By: Contributing Writer    5/6/2024

The internet is such an expansive network where every click can lead to information, entertainment, or opportunities for productivity. However, this a…

Read More

ChatGPT Isn't Really AI: Here's Why

By: Contributing Writer    4/17/2024

ChatGPT is the biggest talking point in the world of AI, but is it actually artificial intelligence? Click here to find out the truth behind ChatGPT.

Read More

Revolutionizing Home Energy Management: The Partnership of Hub Controls and Four Square/TRE

By: Reece Loftus    4/16/2024

Through a recently announced partnership with manufacturer Four Square/TRE, Hub Controls is set to redefine the landscape of home energy management in…

Read More

4 Benefits of Time Tracking Software for Small Businesses

By: Contributing Writer    4/16/2024

Time tracking is invaluable for every business's success. It ensures teams and time are well managed. While you can do manual time tracking, it's time…

Read More