May 15 — A relatively common type of ransom-demanding malware worm called WannaCrypt blew across the Internet on Friday. By using a relatively new weakness in Windows networking (SMB protocol), it took down hundreds of thousands of PCs connected to Windows networks. As it hit hospitals, transport networks, and major businesses, the headlines multiplied.
Many more will be affected today as more PCs are turned on, but the worm was effectively neutralized on Friday. Still, expect plenty of variant attacks from script kiddies trying to make a buck.
All of this could have been avoided. The exploit came from a leaked batch of weaknesses used by America’s NSA spy services. Microsoft patched the exploit loophole that let the worm into networks back in March. However, proving that many businesses fail to follow the best practices that any IT department should follow, WannaCry spread rapidly, affecting lots of high-profile networks.
Telefonica in Spain was among the first to have its systems blighted by WannaCry, which locks up valuable data and demands bitcoins to release it. The NHS in England, transport services in Russia and Germany, and many more followed. Only a few are paying the ransom, which starts at $300 but grows the longer a victim takes to pay.
What it all means
Given the lack of exploding nuclear reactors, train crashes or dead hospital patients, all the news generated by WannaCry is actually pretty good news. Every IT department in companies big and small will be checking their security systems and processes. Even though this worm affects Windows systems, some easy tweaks could see it bring down Linux, Mac or cloud networks.
It also helps highlight which antivirus vendors were on the ball and had security in place to catch this worm. Many didn’t at the time but have updated over the weekend, and some still don’t! Check out this page to find the worst culprits.
For those who were lucky or organized enough to escape, there will be a fresh batch of updates. And the many businesses using older Windows versions like XP and Vista will be lining up to upgrade their OS to one that is easier to manage.
For everyone else, look at how easily this spread and consider that one day, one will hit homes, not businesses, perhaps spreading by social media link or email. Being more aware should help everyone!