Ransomware Attacks Have Been Halted, But For How Long?
Despite the fact that cyber attacks are an increasingly common problem, many companies were left vulnerable to the WannaCry ransomware that tore through computers in almost one hundred countries yesterday. This particular ransomware attack took advantage of a weakness that Microsoft released a critical patch for two months ago. Although this malware cyber attack now appears to be over with, experts have indicated that everyone with a Microsoft product should remain on high alert.
How Does Ransomware Work?
With more than 75,000 affected users, including hospitals and FedEx, it’s become more vital than ever for every person who goes online to become educated about ransomware. These cyber attacks trace their origins all the way back to 1989 when Joseph Popp wrote and released the “AIDS Trojan,” which was also known as “PC Cyborg.”
Much like its successors, the first instance of ransomware attempted to extort money from unsuspecting victims. Since that time, ransomware has become much more sophisticated. Infected computers may have all files encrypted or even become completely frozen until the ransomware is disabled.
Why Do Ransomware Attacks Keep Happening?
According to a report from Bitdefender, U.S. victims are the most likely to pay the ransom that’s being demanded. In fact, a staggering 50 percent of people in the U.S. who have been hit with a ransomware request have paid it. This level of success is more than high enough to encourage malware creators to keep releasing attacks.
It’s likely that part of the reason so many people pay to have their data restored is that the FBI has encouraged them to do so. At Cyber Security Summit 2015, FBI agent Joseph Bonavolonta made a startling statement,”To be honest, we often advise people just to pay the ransom.”
Of course, there’s never any guarantee that paying the ransom will actually restore your missing data. The better course of action is to back up your computer on a regular basis and utilize security measures, including anti-malware software, a firewall and anti-virus protection.
Additionally, if a patch is released to close a known security vulnerability, make sure you update your computer immediately. If more companies and individuals had installed the two-month-old patch, WannaCry wouldn’t have been able to spread so quickly.
A Hero Emerges in Latest Ransomware Attack
Internet security experts worldwide rushed to thwart the latest ransomware attack yesterday. However, it was a 22-year-old British man who goes by the handle MalwareTech who found a kill switch hidden inside WannaCry.
Reportedly, the ransomware was designed to keep pinging a specific web address. If the domain became active, this would tell the ransomware to stop the attack. MalwareTech discovered that the domain name hadn’t even been registered yet, so he opted to pick it up for $10.69 out of curiosity.
As soon as the domain was activated, he began seeing thousands of hits per minute. Before it was clear to security experts or the media what was happening, the WannaCry ransomware was completely halted. This led to some initial confusion, including the misconception that the domain actually started the attack. Once this was cleared up, MalwareTech was dubbed a hero by the media.
MalwareTech discussing his recent exploits on Twitter.
https://twitter.com/MalwareTechBlog/status/863364498215890948
Will Ransomware Strike Again?
With its long history, it’s a virtual certainty that a cyber thief is currently designing the next ransomware software. MalwareTech also warned that the perpetrators behind the WannaCry attack are likely to rewrite the code to exclude the kill switch and start over again. This could happen quickly, so all Windows users need to be on high alert.
In the meantime, install the latest security patches and double-check your existing security methods. WannaCry extorted an average of $300 per computer from victims who made the decision to pay. All of this could have been avoided if the proper precautions had been taken, and the same is likely to be true for the next ransomware attack.
[Featured Image by DD Images/Shutterstock images]