It all started with a single click.
On May 12, at around 8 in the morning, an unsuspecting user in London opened a thoroughly ‘suspicious’ email, thereby triggering one of the major cyber attacks of all time.
The WannaCry massacre, to be precise.
Massacre because the malware succeeded in swallowing 30,000+ systems from 150+ countries in a matter of three days. That’s really huge!
The game is on pause now and the malware is subdued. But there is a great chance it will strike again and with 100x more force.
We have been hearing about the WannaCry malware since it first struck, but do we really know what it is? Are we prepared for a repeat show? If not, what could save us, our systems and our companies, from it? Let’s find out.
What is WannaCry?
Wanna Decryptor, despite its random-sounding nickname WannaCry, is a pretty target-specific ransomware program. It is designed to target Microsoft’s Windows operating system.
WannaCry sneakily creeps into your computer system and locks all your sensitive data until you pay the ransom demanded. You are left with only two things: an ugly red-and-white screen, and step-by-step instructions for the payment process.
An effective ransomware that leaves you crippled.
Cyber criminals use different types of phishing techniques to get even an expert user to click on a malicious link or file. These techniques are getting more and more sophisticated as technology advances. Hackers today are experts at disguising suspicious content as something that cannot be ignored, like an email from your boss.
You really need to be careful about what you click or download.
Once the malware has successfully crept into a system, the hackers launch a full-on attack, locking everything within the network.
Ransomware attacks are nothing new, though. They carry a whole 12 years of history behind them.
They were first found in the United States in 2005 and then continued spreading throughout the world, causing havoc every now and then.
Now you must be wondering how one pays the ransom. No, it’s not through regular bank accounts. Hackers are really careful about how they collect their payment.
Thus, they go for a decentralized and completely untraceable mode of payment: Bitcoin, an online cryptocurrency.
The cybercriminals leave you with instructions on how to buy bitcoins and a Bitcoin address to send them to. The payment usually ranges between 0.3 and 1 bitcoin (around 400-1375 pounds), but they may demand more.
Some of the notable victims of the May 2017 WannaCry attack are the British NHS, FedEx, Telefónica, carmaker Nissan, Deutsche Bahn, Japanese electronics firm Hitachi, the Russian Central Bank, and the US Department of Homeland Security.
The main group behind this attack is said to be the infamous ‘Shadow Brokers’, who recently released a hacking tool, ‘Eternal Blue’, which is said to have been stolen from the NSA. It’s highly likely that they used some NSA code to develop WannaCry too.
WannaCry Ransomware Timeline 2017
March: WannaCry malware was first detected. Microsoft discovers a critical vulnerability in its OS and issues a security update and statement. They asked users, especially those working on outdated Windows systems like Windows XP, Server 2003 and Windows 8.
April: Important code was reported stolen from the US National Security Agency (NSA).
May 12, 8.24 am (London time): The first infected system was seen in Europe. The Spanish telecommunications company Telefónica was one of the first major victims of the attack.
May 12 - May 15: The malware kept multiplying for three days straight, roping in several hundred thousand computers from over 150 countries.
May 15: A 22-year-old cyber analyst, writing under the name ‘MalwareTech’, issues a notice that he has found the ‘kill switch’ to end the attack.
How To Protect your Enterprise From A WannaCry Attack
The WannaCry incident taught us a lot of things.
First, ransomware attacks are getting more popular by the day. Of course, with the ease of payment and easy infection, ransomware has to be the top choice for money-hungry hackers.
Second, most of the infected systems were outdated: computers that organizations didn’t deem worth investing in, or that were difficult to take through an entire update process.
Third, spear phishing was observed to be the most popular way to infect computers.
Fourth, there were defenses announced in advance which, had they been followed, could have stopped this attack altogether, like the one issued by Microsoft.
We really cannot afford to lose our chance now that we know these lessons. We cannot afford to be careless when we can be smart and save our systems from such an attack. After all, whether ransomware or other malware, these attacks are here to stay.
Here is a list of protection methods you can adopt to leave such a cyber threat behind. Make sure to adhere to them, though!
Don’t Fall Prey To Phishing Attempts
According to a 2016 study, about 56% of people will click on any link they are sent, thus becoming a victim of a data breach. That’s half of the internet-using population, enough for hackers to become super rich without doing a lot of hard work.
Don’t be one of them.
The best way out is to check emails properly. Be suspicious, not paranoid. Type out the website address rather than clicking on unsolicited links. Educate your employees to do the same.
Use Firewalls For Your Organization
Another key defense is using a firewall and effective antivirus programs that can help you detect and divert any potential danger coming from USBs or connected devices. They may also help scan files before they make their way into your system.
You may also use antivirus and antimalware extensions that can keep an eye on the suspicious websites your employees browse.
Make a Backup For All Your Sensitive Data
A perfect way to reduce the panic and crying when an attack hits your company.
By creating such a backup you ensure all your data is in a safe place, and it won’t matter if the attackers threaten to delete it.
Also, never pay the ransom asked as it only encourages the cybercriminals. Instead, fight back.
Promote Cyber Security Education
It is your employees that make your organization. Thus, it is important for them to know what is going around and how they can contribute.
Organize monthly cyber security sessions where you can discuss the different ways cyber criminals may attack the company and how to stop them.
Make your institution more transparent about cyber security, so your employees don’t hesitate to report to you if they notice anything fishy.
Discourage The BYOD Trend
Setting up an entire company is a tedious process. You need to focus on the area, tools, employees, and infrastructure.
Many companies, especially startups and companies whose employees travel all the time, let employees bring their own devices to the institution.
It’s both feasible and dangerous.
Feasible, because you can cut costs on the infrastructure front. Dangerous, because you unsuspectingly invite cyber security dangers into your institution.
Avoid promoting this trend. After all, work should be kept at the workplace.
Take Help From Effective Cyber Security Providers
They are cyber security providers, plain and simple.
You won’t have to look into everything if you have an expert standing by. They will help with real-time detection and diversion of malware and virus infections by installing layered defenses across your infrastructure.
From phishing emails to unsafe web browsing, from data downloads to data center infection, you’ll be safe from it all.
As we all know, and as all the previous cyber attacks have established, it’s rather difficult to have control over hackers. They are a really determined lot. But nobody can stop us from practicing caution. So go ahead, play safe!