The WannaCry ransomware epidemic hit hard. It infected over 300,000 victims around the globe, from hospitals to schools.
Microsoft issued patches and the now the focus has shifted onto who launched the attack. Both private cybersecurity firms and government agencies pointed it towards North Korea.
Unfortunately, this wasn’t the end. Over a month from the initial outbreak, WannaCry is still claiming victims. Even though the patches are up, why is WannaCry still causing problems for organizations over a month after the initial epidemic?
Much of it comes down to the worm-like properties of the ransomware, which uses a leaked NSA weapon called EternalBlue. This weapon leverages a version of Windows’ Server Message Block networking protocol to spread itself.
Now the worm is out and is trying to infect as many computers as possible, all while being powered by some systems it infected in its first outbreak. With this significant of a threat still out there, schools need to be proactive on making sure their systems are safe and properly cleaned regularly to avoid an attack.
It's this failure to patch which is enabling the likes of WannaCry to continue to be a purely opportunist threat when, in many instances, it could easily be stopped.
Another reason why WannaCry still survives is that many companies and schools still rely on older machines and bespoke applications which either are no longer supported by patches- or just can't be patched in the first place. This sort of technology could still be vulnerable to the worm.
And while schools and companies try to do all they can try to do all they can do protect systems with patches- it's simply the matter that it's hard to continually update old systems, especially when the manufacturers stop providing patches - but many schools push on with this approach because the alternative involves spending large amounts of money on wholesale upgrades.
Perhaps the light at the end of the tunnel is that the WannaCry ransomware, while great at spreading, is fairly amateur in nature.
There are lessons to be learned here, as the outbreak could have been much more disruptive. Some of the ransomware variants most successful exploits cost businesses and schools over $1 billion during 2016.
Organizations which still find themselves at risk from worms must seriously consider the potential impact of ransomware like WannaCry before it’s too late.
(Story via ZDNet)