On Friday, May 12th, a massive ransomware attack hit computer systems at private companies and public organizations around the world. Some sources say WannaCry - also known as WannaCrypt, Wanna Decrypter or WCry - is the largest ransomware delivery operation to date.
The cyberattack hit more than 300,000 computers by midday on May 15, according to a White House briefing by Homeland Security adviser Tom Bossert. Users in more than 150 countries have been confronted with a screen demanding a $300 payment to restore their files, locking thousands of computers and causing disruptions for companies around the world.
Although the infection rate has slowed since the malware's activation, Asia and Europe experienced the largest hit during the weekend. The ransomware leverages computers running on an unpatched or pirated Microsoft Windows operating system - and a tool gathered from the National Security Agency, known as, EternalBlue. And even though a kill switch was found to prevent further spread of this particular ransomware through a web address registered by the accidental hero there are now signs the hackers are trying to revive the virus.
The only good news from all of this is the serious wake-up call to organizations, both large and small, to take the necessary precautions to protect their computer systems from future cyber attacks. There isn't an if something like this will happen again, it's when.
Ransomware, a computer virus typically spread via spam emails and malicious download links locks up files and demands a ransom to unlock them, isn't a new concept or threat. But WannaCry is unique in the fact that it self-spreads.
Hackers are getting smarter, leveraging new technologies and designing more sophisticated systems. In fact, we still don't know WannaCry's origins or the identity of who deployed the software in the first place. And many imitation programs are starting to infiltrate new systems this week.
At DRS Imaging, our biggest priority is to protect our customers against malicious software and cyber threats. How are we doing it? Through data classification and our secure archive solutions, your most business critical data is identified and retained beyond the reach of malicious intentions. Our solutions involve a federated architecture and proven methods for compliance and secure standard implementations.
Just the knowledge of having defenses in place safeguarding company-wide systems brings peace of mind. That way, if a ransomware attack does happen in the future, your data is backed-up and you can continue conducting business as usual.
If you have any questions about the WannaCry ransomware attack or want to start implementing secure data management solutions within your organization, let us know. We're always here to protect you against the bad guys.