Who Was Affected?
This appalling attack spread across Hospitals and GP surgeries throughout England and Scotland, causing total chaos and leading to appointments and operations being cancelled, with struggling hospitals having to ask the public to only seek medical care if necessary as they were reduced to using pens and paper as well as their own personal mobiles to try and keep afloat. The following organizations were affected:
Northumbria Healthcare, North Cumbria Hospitals, Morcambe Bay Hospitals, Blackpool Hospitals, Southport Hospital, East Lancashire Trust, Barts Health, East and North Hertfordshire, Derbyshire Community Health, University Hospitals North Midlands, North Essex Partnership University FT, London North West Healthcare Trust, York Hospitals, East Cheshire Trust, Aintree University Hospitals, The Royal Liverpool and Broadgreen Hospitals Trust, Liverpool Community Trust, United Lincolnshire Hospitals.
A report by Russian cyber security software maker Kaspersky Lab said that as of early Friday, its researchers had observed more than 45,000 attacks in 4 countries. Later in the day, the numbers increased to 57,000 infections in 99 countries.
“This is the biggest ransomware outbreak in history” said Mikko Hypponen, chief research officer at cybersecurity company F-Secure.
What is the Attack?
The attack, known as WannaCry, is a form of phishing attack that tricks the recipient into opening a seemingly trusted attachment which then releases malware onto the system.
Once infected, all of the files become locked up and encrypted so that they can no longer be accessed. It then displays a message demanding payment in the form of Bitcoins – an online currency that is difficult to trace – for a sum from $300 to $600 to re-access the machines. However, security experts have warned that even if the sum is paid that there is no guarantee that it will unlock the systems. There is even the possibility that the sum being demanded can be upped and with that threats to delete all files unless demands are met.
How Does it Work?
Back in March there was a vulnerability within Microsoft, which they responded to by releasing a patch to fix that people could download in the form of a software update. However, people don’t always install patches / updates on their machines as a matter of urgency which leads to vulnerabilities in security and makes it easier for the hackers to gain access. This really highlights the importance of installing any updates on your computers, phones and tablets as soon as they become available.
Who Was Behind the Attack?
A cyber gang named Shadow Brokers are having fingers pointed at them for this attack. Back in April, they claimed that they had stolen a ‘cyber weapon’ from the National Security Agency (NSA)
The tool, named ‘Eternal Blue’ gives unlimited access to all computers that use Microsoft windows and was originally developed by NSA to gain access to computers used by terrorists and enemy states. When you think that windows operates on nearly 90% of all computers in the world, this attack and its implications become even more frightening.
This cyber gang are believed to have released the bug on a lesser known website and it has then been picked up in turn by a separate unknown gang. After they had gained access, they released the WannaCry ransom. A security expert explained that Eternal Blue was effectively the crowbar that allowed them to get into the machines in the first place.
How Can You Keep Protected?
Our expert advice would be primarily to always make sure that your computer software is up to date. When a dangerous new bug or attack is released, the preventative measures will be included in software updates so the sooner you install them the less chance you have of being affected.
Also, be cautious when opening e-mail attachments, and always make sure you double check the address it comes from. You can read our blog on avoiding phishing scams here.
It is also important to not download any programs or applications from unofficial sources as this is yet another method for hackers to gain access.
If you feel your computers are vulnerable or just have concerns about your safety, Increase the Wedge are here to give you expert advice and help you to ensure you are safe online. Get in touch today.