A quarter of a million PCs spread throughout 150 countries have been affected by WannaCry; a new ransomware attack that leverages an NSA exploit called EternalBlue.
The first major malware attack to originate from exploits discovered by intelligence agencies has come to light in the form of WannaCry; a ransomware program that has now managed to infiltrate over 150 countries and access over a quarter-million PCs.
For the uninitiated, ransomware is a form of malicious software that encrypts a user’s files without permission, and then holds those files hostage until a user pays ‘ransom’ and is able to retrieve their information. In the case of WannaCry, the attackers in question have demanded ransoms between $300 USD and $600 USD worth in Bitcoins. The threat is issued with the warning that an unpaid ransom will see files deleted within a week. Read: Minister of State Security, David Mahlobo, weighs in on regulating social media in South Africa
WannaCry leverages a software exploit first discovered by the US National Security Agency (NSA) called EternalBlue – the exploit in question was leaked by a collective earlier this year in April.
Microsoft has previously patched the vulnerability, though users running legacy operating systems such as Windows XP – or earlier – were left vulnerable. Microsoft has advised that users immediately run Windows Update, renew or continue to use an anti-virus suite, and back up their important data.
Large organizations – such as the British National Healthcare Service (NHS) – have felt the pinch, and Microsoft has further advised large organizations to ensure all incoming and outgoing emails are scanned and that the latest Microsoft security patches should be applied in addition to backing up all data.
Cybersecurity firms -such as Check Point – have warned users not to pay the ransom demanded through WannaCry, as there is little evidence to suggest that hostage files are decrypted once payment has been made.
The prevalence of WannaCry – and its effect on both general users and organizations – has been deemed as ‘unprecedented’ by Europol. The attacks in question have spread throughout the United States, European Union, United Kingdom, as well as Australia, South Korean, Indonesia, Japan, China, and other nations at the time of writing. Read: The Careless Majority – More than half of Android Users use No Security Software
What are your thoughts on WannaCry? How can we avoid future malware attacks from reaching the international stage? Be sure to let us know your opinion in the comments below!
Follow Bryan Smith on Twitter: @bryansmithSA