It's been a year since the WannaCry ransomware's big attack that caused damage to over 230.000 computers. It malicious program it spread so quickly because the development team had combined the ransomware with EternalBlue, a tool leaked from the NSA's "hacking arsenal." EternalBlue allowed WannaCry to use worm-like capabilities to install itself on vulnerable Windows systems.
Initially, many believed that WannaCry was spread by email post officey, but the ransomware did not require any interaction between its user-victims. With the EternalBlue and a leaked tool from the NSA DoublePulsar), the worm was looking for vulnerable SMB ports to enter vulnerable systems.
Once exploits for SMB were detected, they were used not only to spread WannaCry on a single computer, but also to transmit it to all computers on the same network.
The Spanish mobile phone company Telefónica was one of the first major companies to report problems from WannaCry, and by the afternoon of 12 May, the UK NHS reported problems in hospitals, medical surgeries across the country, but also in thousands of appointments that were online.
Renault's French automaker Renault and the German Deutsche Bahn railway company have also been on the list of high-profile victims in Europe, while some Russian ministries and companies in the country have not escaped the disaster.
The attackers demanded $300 in a particular one address and threatened to double the ransom if it was not paid within three days. And if the victim didn't pay within a week, their records would be deleted.
Naturally security researchers and governments do not propose to pay a ransom. But who can replace the lost data? The controversy, of course, came from researchers who they discovered that even if ransom was paid, encryption of ransomware did not allow decryption of files.
But what did this story tell us? Before the evil started, everything was calm as it is today. Friends chatted on Facebook, trolls raced on Twitter, and others were looking for a good movie for the night.
Among them, and among us there are many who have not kept a backup of their system. Or others kept it, but have it on a portable drive, permanently connected to their computer. Mention the carefree people who bought (or broke) a super duper antivirus…
Yes, they are the same people who, after the "unfortunate" moment, desperately seek help, in chats, forums and from the technicians of the company or the neighborhood.
What did you learn from history?
- Gmail Confidential Mode: How Do I Use It?
- Facebook dark patterns: what are the dark motifs and how they deceive