For the past few days, a massive global ransomware attack has dominated the news. The malware capitalizes on a vulnerability (MS17-010) that was leaked beforehand in what seemed to be a set of NSA exploits, and it uses RSA-2048 encryption. Because the encryption is so strong, it is next to impossible to reverse engineer it unless the malware developers have made a mistake coding it. So far, their code seems to be flawless.
Wannacrypt, WannaCrypt, WannaCrypt0r, Wana Decryptor and WanaCry are some of its aliases.
The developers are asking for a ransom of $300 worth of bitcoins per infected device to get your data back. Just like any ransomware, they leave instructions on how you can pay them to get your data back. It is proof that
However, Microsoft had issued a fix for the vulnerability a month before the Shadow Brokers leaked the information they had about it. So it is possible that a lot of people ignored the released patch. Wannacrypt got going two months after the patch was released.
Older systems like Windows XP and Windows 7 are more prone to infection than newer ones like Windows 10. Administrators who try to save on cost by not moving to the newer systems face a greater risk of being compromised, since fewer updates are being developed for the older operating systems.
A lot of people are blaming the NSA for the outbreak because it stockpiled some vulnerabilities, and guess what? They were leaked by the Shadow Brokers after the group was not able to capitalize on selling them. Further down the rabbit hole, they were then publicly released on GitHub.
Imagine making schematics on how to build weapons readily available as a free download. That is what happened here. Both the NSA and GitHub should be accountable for it being available to the public.
As of May 15, 2017, over 213,000 detections of WanaCrypt0r 2.0 have been reported in 112 countries.
Major institutions like Telefonica and the National Health Service (NHS) England have issued statements that their systems have been crippled because of this.
As of this writing, we are doubling our efforts to make sure our clients’ computers, laptops and servers are up to date. We are checking that the necessary software patches, including anti-malware and antivirus software, are up to date.
Rest assured, we are doing our best to keep you from being victimized by this cyber threat.