Home Tags Posts tagged with "wannacry ransomware"

wannacry ransomware

The popular press is awash with news that hackers have breached HBO’s cyber defenses and have allegedly stolen steal than 1.5 terabytes of data, including scripts from unaired Game of Thrones episodes. As fascinating as this news may be to consumers of popular culture, it obscures more serious cyberattack news stories that have far deeper consequences. Consider, for example, the five most significant network hacks from the past several years.

  • In 2014, hackers exploited a vulnerability in OpenSSL using a tool known as “Heartbleed” to break into a virtual private network (VPN) that a major corporation had used to encrypt data and communications. Individuals and businesses routinely rely on the added encryption provided by a VPN to ensure confidentiality of communications. This recent hack reveals that even VPNs have their weaknesses.
  • A foreign government was believed to be behind a 2015 hack attack on the insurance giant, Anthem Health. That hack compromised more than 78 million consumer health and insurance records. More recently, the governments or government proxies of North Korea, China, Russia, and the United States have all been accused of participating in hacking activities.

    Image source Flickr

  • The “Petya” ransomware attack crippled more than 60 percent of computers and networks in the Ukraine in early 2017. A subsequent analysis of the attack suggested that although the attackers demanded a ransom to release frozen systems, the attack might have had a moiré sinister purpose of disabling the Ukraine’s technology infrastructure.
  • The Dyn distributed denial-of-service (DDoS) attack that struck a significant number of computers and networks in North America and Europe in late 2016 was the largest ever cyberattack launched on the internet. The attack continued for several days, affecting servers utilized by Twitter, Netflix, CNN, and other major web players.
  • The Wannacry ransomware attack in early 2017 was stopped early in its tracks by good luck and quick thinking on the part of the individuals who first noticed it. Still this cyberattack crippled parts of the United Kingdom’s National Health Service and enriched the hackers who demanded and were paid more than $100,000 to release various systems and networks.

The scope and scale of these massive cyberattacks should cause all businesses, regardless of size, to reassess their cybersecurity strategies. In all likelihood, like HBO, the entities that were affected by these cyberattacks had erected defenses against hacking and gave their employees at least some rudimentary education and training in eliminating the human error and conduct that exposes a network to cyberattacks. Yet as these attacks suggest, even commonly-suggested cyber defense strategies, such as VPNs, are not fully effective against determined groups of hackers, particularly if those hackers have government resources behind them.

This does not suggest that businesses should abandon all hope and give up on their cyber defenses. Rather, they need to confirm that those strategies are up-to-date and consistent with the latest tools and techniques to fend off cyberattacks. Realizing, however, that none of those tools and techniques will be foolproof, businesses also need to develop a plan to respond when they do experience a successful attack. Cyber security insurance is a mandatory part of that plan.

Cyber security insurance will cover a business’s direct losses when a cyberattack damages data and hardware, which gives the business some assurances that its profits will not be entirely consumed by the need to recover those elements. Insurance can also protect a business against third party liabilities and regulatory fines that may be levied when a business loses its customers’ personal or financial information. Depending on the size of the business, a single cyberattack can cost anywhere from $30,000 to $2 million or more. Few businesses are equipped to absorb these kinds of costs directly. Cyber security insurance can cover these losses and allow a business to continue its operations with a minimum of interruptions after it experiences a cyberattack.

The WannaCry computer malware that has spread across 150 countries appears to be slowing down, with few reports of fresh attacks in Asia and Europe on May 15.

However, staff beginning the working week have been told to be careful.

The WannaCry ransomware started taking over users’ files on May 12, demanding $300 to restore access.

Hundreds of thousands of computers have been affected so far.

Microsoft said the attack should serve as a wake-up call.

However, the ransomware warning said that the cost would double after three days, so the payments may increase.

It threatens to delete files within seven days if no payment is made.

Among the organizations targeted worldwide have been Germany’s rail network Deutsche Bahn, Spanish telecommunications operator Telefonica, FedEx and Russia’s interior ministry.

Many companies employed experts over the weekend to try to prevent new infections.

The picture now appears better in Europe.

Senior spokesman for Europol, Jan Op Gen Oorth, told AFP: “The number of victims appears not to have gone up and so far the situation seems stable in Europe, which is a success.”

Renault said its plant in the northern town of Douai would not reopen on May 15 as it dealt with the cyber-attack.

In Asia, a significant slowing of the malware was also reported.

Banking systems across the region were largely unaffected.

Russian President Vladimir Putin said: “Russia has absolutely nothing to do with it.”

Companies in Asia and Europe have been warning employees to be careful when clicking on attachments and links in their emails.

Microsoft president and chief legal officer Brad Smith said on May 14: “We have seen vulnerabilities stored by the CIA show up on WikiLeaks, and now this vulnerability stolen from the NSA has affected customers around the world.

“An equivalent scenario with conventional weapons would be the US military having some of its Tomahawk missiles stolen.”

The computer giant also said that many organizations had failed to keep their systems up to date, allowing the virus to spread.

Microsoft said it had released a Windows security update in March to tackle the problem involved in the latest attack, but many users were yet to run it.