"WannaCry" Ransomware Attack
As we have discussed in the past, hackers will use ransomware to hold both a computer and its software hostage until the victim pays the requested funds. A recent cyberattack has brought these issues to the forefront in what some believe to be the biggest ransomware assault that has ever occurred. This particular ransomware, called "WannaCry," has currently spread to over 74 countries. This attack impacted governments, hospitals, and the general public.
The hackers used software that was stolen from the National Security Agency (NSA). The specific type of software is the Wanna Decryptor, which was a variation of the WannaCry ransomware.
The mechanics of this ransomware was that the malicious software was transmitted to computers via email. When opened, the software locked the users out of their computers. The attack began with what appeared to be a simple phishing email. The basics of how a phishing email works is that it looks like a legitimate organization sending you an email when really it is just someone pretending in order to steal your information. Usually, these phishing emails will direct you to click on a link that leads to another website. Once you are on the other website, it will cause the malicious software to download into your computer. When the WannaCry ransomware was opened, it locked all the data on the computer, and instructed the user to pay in order to release the data.
This attack specifically targeted Microsoft Windows Servers. The attack was connected to a group that appeared last summer called the "Shadow Brokers" who began to post different hacking tools they claimed came from the NSA. One of these tools, which is also known as "Eternal Blue," took advantage of a weakness that exists in the Microsoft Windows Servers. Microsoft had previously released a software patch that included software that fixed this underlying vulnerability, but because of people not updating their systems, they remained vulnerable.
So, hackers were able to take advantage of the fact that people do not regularly update their computers. Besides the fact that people were at risk for not updating their computers, others were at risk because updates were not even made available for their computers. Many companies use outdated software, such as Microsoft XP, which is no longer supported by Microsoft, and therefore is not receiving any more security patches for vulnerabilities.
The best way to protect yourself from any future attacks is to be careful about clicking on links contained in emails that are coming from unknown or questionable sources. It is also important to ensure your computer's software is updated, so you have the latest security patches available from the manufacturer. Additionally, it is a good idea to have a backup of any important data on your computer, so in case of a ransomware attacker, your data can be recovered without having to pay the ransom.
It is currently unknown who is behind these attacks and if the offenders will ever be found. Although, there is a possibility that there are legal claims a person can raise against the attackers, it's rather difficult to file a claim when the attackers cannot be found.
At our law firm, we guide clients in legal matters involving intellectual properties by using our knowledge and skills to create innovative solutions. You may contact us today to set up a confidential consultation.