Just when we think that we have gotten rid of one of the most well-known threats, it reemerges again. We are talking about WannaCry Ransomware, which first popped up in May 2017. Although the initial cyber attack was short-lived, as the threat was dismantled using a kill switch within several days, it did some serious damage. The threat managed to infect more than 200,000 computers in some 150 countries. It was soon discovered that the infection was spread across Windows systems using known EternalBlue and DoublePulsar vulnerabilities. If these vulnerabilities were patched, of course, the infection could not attack. When the threat was successful at invading the system, it would encrypt files and then introduce victims to the demand of $300 ransom. Although the initial attack of this malicious infection was stopped, it keeps reemerging, and this time, Connecticut State Department of Administrative Services is the victim.
This is not the first time WannaCry Ransomware has hit a government-level organization. Some other victims of this dangerous malware include Public Security Bureau in China, Ministry of Internal Affairs in Russia, and the Government of Maharashtra in India. NBC Connecticut reported that the Connecticut State Department of Administrative Services was hit by the infection on 23rd February. The state’s monitoring system detected malware, and, later on, it was reported that the attack was performed by the infamous WannaCry virus. During the attack, the infection infected 160 computers in 11 agencies. The initial report showed that the threat had hit computers in 12 agencies; however, it was later found that one of them was a false positive. The department’s Chief Information Officer, Mark Raymond, reassured that all security measures were taken to ensure that the attack was contained. Surprisingly, it was reported that no files were decrypted, which is not consistent with how this malware has worked in the past.
The GNC’s researcher, Matt Leonard, spoke with the department’s representative, Jeffrey Beckham, who reported that the situation with WannaCry Ransomware was handled within 3 days, and the computers affected by this malware were once again clean by Sunday night. According to Leonard, the department runs more than 30,000 devices, and while the attack of the malicious infection revealed that not all of them were strong enough to fight off malware, the situation demonstrated that the Department of Administrative Services is well-prepared. This, allegedly, is due to “regular patching and antivirus protection.” The representative revealed that the department is taking the situation very seriously so as to ensure that malware attacks are successfully prevented in the future. After all, WannaCry is not the only threat out there. Just a couple of weeks ago, the Colorado Department of Transportation was hit by SamSam Ransomware, using which, cyber criminals managed to demand an astonishing ransom of 45 Bitcoins. Unfortunately, this is just one of hundreds and thousands of malicious infections that invade unprotected systems every single day.
Most malicious infections prey on unguarded systems, and there are plenty of different exploits and security backdoors that can be used for invasion. Needless to say, it usually is more difficult to contain the attacks and fix the damages caused by them than it is to stay on top of protection. The biggest offense, of course, is skipping security updates. If the system’s protection is not patched up, cyber attackers have plenty of opportunities to do whatever some damage. It is also very important to install software that could keep malware away, as well as to back up data to ensure that it stays safe in the event of data encryption. Without a doubt, prevention is key when it comes to any kind of malware, and so it is most important to take all available security measures.
References
Lau, M. May 14, 2017. Chinese police and petrol stations hit by ransomware attack. South China Morning Post.
Leonard, M. February 26, 2018. Connecticut agencies hit with WannaCry. GCN.
Nambiar, S. May 16, 2017. Hit by WannaCry ransomware, civic body in Mumbai suburb to take 3 more days to fix computers. Hindustan Times.
NBC Connecticut. February 25, 2018. Cyber Attack Targets State Agencies</>. NBC Connecticut.
Winsor, M. May 13, 2017. Researcher 'accidentally' stops spread of 'unprecedented' global cyberattack. ABC News.