Worldwide Ransomeware Attack - WannaCry
Staring on Friday May 12th, the hospital system in the UK was hit by an outbreak of Ransomeware, nicknamed WannaCry. Within hours it had spread to over 150 countries hitting commercial, governmental and health related entities.
Cybersecurity experts say the malware affects the Microsoft operating system, newer as well as older versions, and takes advantage of a vulnerability to spread the infection. As with most malware infections, it only takes one person to click on an infected link in an email or open a malignant attachment to cause the virus to spread to other machines, work stations and servers, on the same network.
Once infected, the user receives a screen sized message that their files have been encrypted but they can receive a key to unencrypt them for the low low fee of a $300 payment in bitcoin, i.e. untraceable, Victims have only hours to pay the ransom, and as the clock ticks, the price goes up. if the time limit expires, the files will be destroyed.
Money has been trickling in, according to a Twitter account monitoring bitcoin wallets linked to the attacks, with victims paying nearly $39,000 by Monday, just in Asia alone. The small transaction fee is one of the most powerful factors of Ransomware. Businesses think a few hundred dollars and I’ll be ok. The problem is that the business has been identified as one that can be intimidated, so it will become a target for future attacks.
As with all malware attacks, it is a human that lets Ransomware into a network. It is imperative that business leaders realize that time spent training employees is critical. Protocols need to be created that employees understand must be followed in the event they receive an email that comes from an unknown sender and asks for a click on a link or to open an attachment.
These protocols include tips for recognizing the email for what it is - a phishing attack, providing a method for reporting the email to management and then instituting a system that lets management alert all employees on the details of the email and the the steps to take if they receive one.
Ransomware is a dangerous attack but a businesses vulnerability can be reduced if it follows the technical and non-technical steps necessary to defeat it.