Recently, a cyber-attack known as WannaCry took hostage hundreds of thousands of public and private Microsoft computers around the world. Computers were affected in more than 150 countries, making this the largest recorded ransomware attack. This virus is a form of ransomware, which encrypts files until a monetary ransom is paid. Often, these ransoms will double after a certain period of time and if they are not paid within the set time, all of the files will remain encrypted. Once the ransom is paid, a key is provided that will unlock the files. In this case, the requested ransom was around $300.
Victims of these attacks include a healthcare company in Britain, where patients had to be turned away from more than 36 hospitals, doctor’s offices, and ambulance companies. Thankfully, patient data was not compromised during this attack. In Russia, the Interior Ministry’s computers were frozen. In the United States, FedEx became a target.
These types of attacks are usually triggered by malicious attachments in emails that are designed to mimic legitimate sources. Microsoft was aware of this vulnerability and had released software updates to protect customers from these types of attacks. However, many people have outdated software which allowed them to remain vulnerable. It has yet to be reported the total amount victims paid.
It is rumored that the strategy of this attack is rooted in the N.S.A. because of the comments made when the plans were posted online previous to the attack. A group who identifies itself as the “Shadow Brokers” claimed that the numerous hacking tools they posted online were stolen from the U.S. Government. These tools targeted firewalls, anti-virus programs, and Microsoft products. This is especially concerning because the N.S.A. is taxpayer funded. The N.S.A. has denied this allegation but some sources claim that former officials have suggested the content looks similar to other N.S.A. documents.
The United States has used cyber-attacks against other governments in the past and it is known that they have classified information on these types of vulnerabilities. Former President Obama’s administration developed a process to determine which of these vulnerabilities should be kept in a classified setting and which ones should be reported to the companies so they can be fixed.
Our team strives to provide prompt, cloud based updates to our customers so that their software is always up to date. We also employ both network security and email filtration measures in order to further reduce the risks of these types of attacks. If you are curious about how we have helped protect other companies or are ready to trust us with your technical security, contact us today to get started.