The back-to-back WannaCry and Adylkuzz outbreaks in mid-May mark a turning point in the cybersecurity landscape. Both attacks had far-reaching global ramifications, spreading chaos through organizations of all types, big and small. But it looks like we got lucky.
For all of the disruption they caused, these attacks were surprisingly amateurish. Just think of the devastation a more developed attack could cause. But make no mistake—these attacks serve as a warning. Organizations need to heed the lessons learned and adjust their cybersecurity strategies accordingly.
A Closer Look at the Attacks
Despite the ensuing turmoil, the WannaCry attack wasn’t that sophisticated. The hackers exploited a Windows vulnerability that leaked from the NSA. Their code was full of errors, including a web-based “kill switch,” and their handling of the bitcoin payments was a mess.
Nonetheless, the massive cyber attack infected over 300,000 systems in 150 countries. Some of the larger institutions left reeling from the attack include the UK’s National Health Service, Telefonica, FedEx, Russian governments, U.S. universities, and Chinese ATMs.
The hackers demanded a small ransom of $300 to unlock victims’ computers. So far, only around $100,000 in bitcoin has been paid as ransom. But the relatively minimal financial damages and the hackers’ errors belie the real dangers going forward.
The real costs of these attacks are much higher when you take into account the hours of reduced productivity and countless lost data files. When all’s said and done, the estimated damage of WannaCry could top $1 billion.
What were the hackers after? Some believe the attack may not have been solely financially motivated. Disruption may have been the end goal. Some even suspect North Korea was responsible for the attack.
The Adylkuzz attack exploited the same vulnerability, but unlike WannaCry, Adylkuzz didn’t lock computer files. Instead, this sneaky malware slows down systems, steals processing power and mines “Monero,” a virtual currency. It’s already infected more than 150,000 machines worldwide, but its full scope isn’t yet known.
Be on Alert for Ransomware
Cyber crooks are relentless. Although they didn’t make off with much money from WannaCry, the potential is undeniable. The threat of ransomware remains. You need to be on guard.
Since January 1, 2016, there have been, on average, more than 4,000 ransomware attacks every day. According to some experts, ransomware damages could reach over $5 billion this year.
Security Takeaways
Experts can’t predict too far into the future, but there are some basic security measures organizations can take now:
- Make patching a priority. Organizations could have avoided the pain of both WannaCry and Adylkuzz had they applied the proper security updates.
- Back up data. Crooks can demand a ransom because they know you need your files.
- Offer more employee security training. Remind employees to beware of suspicious emails and be careful downloading files.
- Know when to outsource. Smaller companies may have trouble keeping up to date with the latest threats.
- Scan email. Look at both incoming and outgoing emails for sketchy-looking attachments.
- Perform regular vulnerability assessments. Probe your security defenses to see what’s working.
- Have an incident response plan. With the growing sophistication of attacks, a breach is likely. You need to be able to detect and contain an unwanted incursion.
A Fortinet partner, CCSI can help organizations securely navigate the post-WannaCry world. Contact us.