Just barely 24 hours ago, a ransomware called WannaCry detonated worldwide, shutting down thousands of systems, the largest being England’s National Health Service. To date more than 100,000 incidents have been detected in over 99 countries and the number continues to climb.
WannaCry shows classic symptoms of ransomware behaviour, paralyzing systems and locking users out unless they pay a “ransom’ of up to $300 in BitCoin. TechBarrista was made aware in 2016 by Finnish cybersecurity firm F-Secure that ransomware was on an alarming uptrend, but this incident is believed to be the first concentrated ransomware attack ever.
According to F-Secure, ransomware is a form of crimeware. It’s a malicious software program that’s used, either by an individual or by an organized criminal group, to extort money from an affected user. The ransomware is distributed via spam and then spreads within an organization like a worm.
WannaCry exploits a known flaw labelled MS17-010 by Microsoft and in fact has already been patched. Unfortunately, the patch does not get extended to Windows XP machines as this operating system no longer qualifies for updates. Current Windows machines that have not gotten updates after March 15 are also at risk.
At this point of time, Malaysia does not seem to be on the list of affected countries. “MyCERT has not received any report of infections in Malaysia yet: We are continuing to monitor the situation closely,” said Dato’ Dr Amirudin Abdul Wahab, CEO, CyberSecurity Malaysia in a statement to Computerworld Malaysia.
In a blog post, F-Secure has said that the incident is “Big. And set to get bigger. We haven’t seen anything like this since Conficker in 2008.”
F-Secure and other cybersecurity firms have long tried to educate the public about the risks of many things that they do, from leaving machines unpatched to even having little or no protection over their networks. Perhaps it’s time to listen.
For more information on cybersecurity threats, read F-Secure’s 2017 State of Cyber Security report