Summary: Reflecting on the biggest cyber-attack we’ve seen. We sat down with our Development Manager Calvin, to discover what happened with the in the 2017 hack, and how it can be prevented.

In April 2017, over 300,000 computers were hacked by aptly named ‘WannaCry’ malware. The virus infected over 50,000 companies in 150 countries, crippling operations and demanding ransoms. Experts estimate that the hackers collected over $50,000 in ransom payments. A 22-year-old security researcher in the U.K. located a ‘kill-switch’ which has stopped the spread. Included in this blog post are details of what happened, why and how. We also discuss preventative measures that companies can introduce to lower the risk of malware attacks on their network.

WannaCry Malware Attacks: What Happened

The WannaCry Malware attacks were caused by a computer virus targeting outdated versions of Microsoft Windows Operating system. At the time, the most recent update was released in March 2017, several weeks before the attack. The virus is embedded in a word document or PDF and works as a worm, spreading itself. Once it infects a computer, all files, photos and videos are encrypted, as well as all computers that are linked, rendering them inaccessible. An alert would pop up on the computer’s screen demanding a ransom between 300-600 bitcoins to for the decryption key. Even if the ransom is paid, experts say that does not guarantee retrieval of your documents. Paying the ransom can just lead to demanding a higher ransom, and threatening to delete all files.

Severity

Most companies protect their systems with varying levels of permissions. These prevent users from being able to download or open certain attachments. Microsoft discovered a loophole in their software regarding protocol for opening network drives and attaching printers, which they promptly patched and released an update. Hackers then created ‘WannaCry’ Malware to exploit the loophole and infect computers which had not updated to the new software, which was disseminated through email. These emails had gotten particularly stealthy, impersonating a colleague, friend or family member with a normal request such as an invoice payment. If your computer is still running on outdated Microsoft software, install Microsoft’s patch to protect your files immediately.

The primary cause of the spread of a virus through society is human behavior, we trust our email communications too much, even though these public channels are easily forged or socially engineered to take advantage of us. – Calvin Dallimore, Development Manager, IC.

If a computer gets infected, the software can be swept clean and the start the computer from scratch. Unfortunately, this means all the files are gone with it. So, for those who are not constantly backing up everything, like the National Health Services (NHS) of the UK, it can be detrimental. When the NHS was hacked, operations were canceled, patients turned away and ambulances diverted due to over 40 hospital’s computer systems being crippled by the attack. Other companies affected by the virus include giant telecom companies in Spain and Russia, shipping company FedEx, and the worst hit was to the Russian Government. The virus infected over 50,000 companies in 150 countries.

Prevention

Staying up to date with software updates is imperative to the security of your company. Software companies are constantly looking for holes to patch to keep their software secure. Once the update is posted, the vulnerability is consequently available for hackers to create a virus capable infecting outdated systems. A few ways to protect your computer networks include:

• Education – warn employees about the risk of infected emails, and to be cautious when opening attachments.
• Communicate internally – reduce the dependency on emails while adding an extra layer of security of an intranet to your company. Use discussion forums and message boards to make important announcements, project sites for sensitive or private information, and live chat for immediate responses. Get staff accustomed to checking the intranet as opposed to opening emails for updates.
• Protect your software – complete updates regularly to keep your files and sensitive information safe. With Source by IC Thrive, it’s simple. We send the update to you, and our support team is standing by to assist.

The WannaCry malware attack was by far the worst cyber attack in 2017. As shown with the NHS, it can have crippling effects. However, there are proactive ways to protect your network such as;

• Inform employees about the risks of computer viruses
• Secure communication on an intranet to reduce the risk of opening infected emails
• Stay up to date with all software upgrades

Have anything you’d like to add? Contact us here.