It's been a year since the WannaCry ransomware's big attack that caused damage to over 230.000 computers. The malware spread so quickly because the development team had combined the ransomware with the EternalBlue, ένα εργαλείο που διέρρευσε από το “hacking οπλοστάσιο” της NSA. Το EternalBlue επέτρεψε στο WannaCry να χρησιμοποιήσει possibilities worm type to install itself on vulnerable Windows systems.
Initially many believed that WannaCry was emailed, but ransomware did not require any interaction between its users - victims. With the EternalBlue and a leaked tool from the NSA DoublePulsar), the worm was looking for vulnerable SMB ports to enter vulnerable systems.
Once exploits for SMB were detected, they were used not only to spread WannaCry on a single computer, but also to transmit it to all computers on the same network.
The Spanish mobile phone company Telefónica was one of the first major companies to report problems from WannaCry, and by the afternoon of 12 May, the UK NHS reported problems in hospitals, medical surgeries across the country, but also in thousands of appointments that were online.
The French car industry Renault and German railway company Deutsche Bahn were also on the list of high-profile victims in Europe, while some Russian ministries and companies in the country did not escape the disaster.
Attackers called for 300 dollars at a specific address and threatened to double the ransom if they were not paid within three days. If the victim did not pay within a week, their files would be deleted.
Naturally security researchers and governments do not propose to pay a ransom. But who can replace the lost data? The controversy, of course, came from researchers who they discovered that even if ransom was paid, encryption of ransomware did not allow decryption of files.
But what did this story tell us? Before the evil began, everything was calm, just like today. Friends were chatting on Facebook, trolls took to Twitter, and others were looking for a good movie for the evening.
Among them, and among us there are many who have not kept a backup of their system. Or others kept it, but have it on a portable drive, permanently connected to their computer. Mention the carefree people who bought (or broke) a super duper antivirus…
Yes, they are the same people who, after the "unfortunate" moment, desperately seek help, in chats, forums and from the technicians of the company or the neighborhood.
What did you learn from history?
- Gmail Confidential Mode: How Do I Use It?
- Facebook dark patterns: what are the dark motifs and how they deceive