It has been a year since the big WannaCry ransomware attack, which caused damage to over 230,000 computers. The malicious program spread so quickly because its developers had combined the ransomware with EternalBlue, a tool leaked from the NSA's "hacking arsenal". EternalBlue allowed WannaCry to use worm-like capabilities to propagate itself to vulnerable Windows systems.
Initially, many believed that WannaCry spread through e-mail messages, but the ransomware required no interaction from its victims. Using EternalBlue (and DoublePulsar, another tool leaked from the NSA), the worm looked for vulnerable SMB ports through which to enter vulnerable systems.
Once SMB exploits were discovered, they were used not only to spread WannaCry to a single computer, but also to spread it to all computers on the same network.
The Spanish mobile phone company Telefónica was one of the first major companies to report problems from WannaCry, and by the afternoon of 12 May, the UK NHS reported problems in hospitals and medical surgeries across the country, as well as with thousands of appointments that were online.
The French automaker Renault and the German railway company Deutsche Bahn were also on the list of high-profile victims in Europe, and some Russian ministries and companies in the country did not escape the disaster either.
The attackers demanded 300 dollars, to be sent to a specific address, and threatened to double the ransom if they were not paid within three days. If the victim did not pay within a week, their files would be deleted.
Of course, security researchers and governments alike advise against paying the ransom. But which of them can make up for the lost data? The counterargument came from researchers who discovered that even if the ransom was paid, the ransomware's encryption did not allow the files to be decrypted.
But what did this story tell us? Before the evil began, everything was calm, just like today. Friends chatted on Facebook, trolls roamed Twitter, and others were looking for a good movie for the evening.
Among them, and among us, there are a great many people who have not kept any backup of their system. Others did keep one, but on a portable drive that is permanently connected to their computer. Let us also mention the carefree ones who bought (or cracked) some super duper antivirus...
Yes, these are the same people who, after the "unlucky" moment, desperately look for help in chats, in forums, and from the technicians among their friends or in their neighbourhood.
What did you learn from history?