SecureMac, Inc.

Computer security news. Just for Macs.

Get the latest computer security news for Macs and be the first to be informed about critical updates. Industry news, security events and all you need right at your fingertips. Malware threats change daily, so keep up to date on the latest developments to help ensure your privacy and protection. You can never be too safe.

WannaCrypt: An Overview of 2017’s Biggest Cybersecurity Threat

Posted on October 1, 2017

This past May, a malicious software attack known as WannaCrypt (or WannaCry, depending on your source) hit the computer systems at major organizations and businesses around the globe. WannaCrypt is a ransomware attack. Once it infects a machine or computer system, it encrypts all the data hosted on those machines. (Hence the name WannaCrypt.)

Once the files are encrypted, the attack prompts the owner of the machine or computer system to pay a ransom to unlock the data. The ransom offer has a time limit, giving users a countdown to watch while they consider their next move. The catch is that the ransom price increases as time ticks down. Once the countdown hits zero, WannaCrypt automatically destroys the user’s data.

The WannaCrypt Narrative

WannaCrypt was supposedly discovered first by the National Security Agency, which kept it on file as a possible surveillance tool. When hackers stole data from the NSA and released it on the Internet, WannaCrypt was among the contents. Other hackers then used the exploit to cripple computer systems around the globe.

The initial WannaCrypt outbreak struck on May 12. A web security developer discovered a “kill switch” in the code on May 15, which helped slow the spread of the ransomware dramatically. Microsoft also released security updates patching the vulnerabilities that WannaCrypt exploited. The updates weren’t limited to Windows 10, Microsoft’s current operating system. Indeed, the WannaCrypt threat was so pronounced that Microsoft also distributed protective updates for Windows XP, Vista, 7, and 8. XP and Vista are both no longer supported with regular updates, but Microsoft made an exception for WannaCrypt.

Because of these updates, Windows users with up-to-date machines should no longer be vulnerable—at least not to the initial incarnation of WannaCrypt. Several copycat and variant attacks have appeared since, though none have been anywhere near as devastating as WannaCrypt itself.

Even though WannaCrypt has slowed, it still isn’t entirely gone. On August 21, ZDNet reported that LG Electronics had found WannaCrypt on a “self-service kiosk” in South Dakota. The company took its computer systems offline for two days as a security precaution.

The Aftermath

All told, WannaCrypt infected more than 300,000 Windows systems around the globe. 230,000 of those got hit on the first day. Luckily for Mac users, the attack was limited to computers using Windows operating systems. Still, for all users—home or business, Windows, or Mac—the attack has provided a reminder to be vigilant about cybersecurity. Be careful about the emails you open or the files you download, and have data backups ready in case you need to restore your files from scratch.

Sources:

https://www.cnet.com/news/wannacry-wannacrypt-uiwix-ransomware-everything-you-need-to-know/
http://www.zdnet.com/article/wannacry-ransomware-attack-at-lg-electronics-takes-systems-offline/
https://en.wikipedia.org/wiki/WannaCry_ransomware_attack

Join our mailing list for the latest security news and deals