WannaCry Blog Terms - Attivo Networks

WannaCry

U.S. declares North Korea carried out massive WannaCry cyberattack

The U.S. government is publicly acknowledging that North Korea was behind the WannaCry computer worm that affected more than 230,000 computers in over 150 countries earlier this year.

As a result, the Trump administration will be calling on “all responsible states” to counter North Korea’s ability to conduct cyberattacks and to implement all “relevant” United Nations Security Council sanctions, according to a U.S. official familiar with the matter.

Trump’s homeland security adviser, Tom Bossert, made the announcement in a Wall Street Journal op-ed Monday evening and will follow up with a statement Tuesday morning.

North Korea was widely suspected to have created the virus, which was paired with ransomware that encrypted data on victims’ computers and demanded money to restore access. Until now, the U.S. government has not publicly stated as much.

In June, The Washington Post reported that the National Security Agency had linked North Korea to the creation of the worm. In October, the British government declared that it believed North Korea was the culprit. The following month, the CIA issued a similar classified assessment, which has not been previously reported.

The official noted that the U.S. government has released technical details of North Korean cyber-tools and operational infrastructure and has worked with other countries to lessen North Korea’s ability to conduct further tests or generate illicit funding.

The May 12 global cyberattack affected critical sectors, including health care, “potentially putting lives at risk,” said the official, who spoke on the condition of anonymity to discuss a move not yet public. This follows a pattern of disruptive and harmful cyber activity by the reclusive country. Its leader, Kim Jong Un, has pushed for the development of hacker forces as a low-cost, high-impact tool that can rattle the nerves and damage the systems of more powerful nations.

LG hit by WannaCry malware, systems shut down for two days

WannaCry is causing havoc yet again, with LG its latest victim.

The WannaCry malware dominated headlines earlier this summer, as it infected more than 300,000 Windows systems and disabled numerous networks.

It had the potential to wreak havoc and expose the data of thousands of private citizens and organisations, but was thwarted almost accidentally last May by Devon infosec expert Marcus Hutchins.

At the time, Hutchins warned that the story of WannaCry was not close to an end. “This is not over. The attackers will realise how we stopped it, they’ll change the code and then they’ll start again. Enable Windows Update, update and then reboot.”

Petya… Echoes of WannaCry

Does this sound familiar? On June 27, news outlets began reporting on a ransomware attack that was spreading like wildfire, hitting over 300,000 devices across over 150 countries and counting. The attack utilized the EternalBlue exploit that was stolen from the NSA and released by the group Shadowbrokers, targeting SMB vulnerability CVE-2017-0144 to spread across multiple systems.

Cyber Security Is The Necessity Of The Future

Why Cyber Security?

The WannaCry virus which crippled over 300,000 computers globally reminded the world how fragile computer systems are. As IT systems are playing a larger role in all of our lives, how to shield the system against malicious attacks is one of the most pressing issues prioritise by many.

According to PWC’s crime survey 2016, incidence of cybercrime increased sharply among their respondents, making it the 2nd among the most reported types of economic crime. Yet, most companies are not adequately prepared for it, only 40% of the companies responded to the survey have personnel that are “fully trained” to act as the first responder and only 37% have fully operational incident response plan.

Remote Office Solutions

New Entries Into The Ransomware Worm Family Detected That Could Prove More Dangerous Than WannaCry

Immediately following the WannaCry attack, CISOs started to examine ways they could improve their ransomware defenses (we described the deception solution in our recent blog Deception Derails Ransomware: WannaCry Analyzed by Attivo Labs.)

Following the initial attacks, TrendMicro has seen three new entries, UIWIX, Adylkuzz and EternalRocks, come onto the scene leveraging the same core set of vulnerabilities.

Deception Derails Ransomware: WannaCry Analyzed by Attivo Labs

As ransomware attacks continue to claim hundreds of thousands of victims, organizations are scrambling to figure out if their current security tools can effectively stop, detect, and remediate large-scale ransomware attacks.

While the major WannaCry ransomware attack was stopped by an uncovered kill switch, experts fear a resurgence of new strains without such shortcomings. Now, more than ever, organizations across all industries need to strengthen their defenses against these aggressive and damaging attacks.

Attivo Networks

Attivo Networks Urges Organizations to Adopt New Technology Designed to Derail Ransomware Attacks

Attivo Networks challenged not only healthcare, but all industries to take immediate steps in the wake of Friday’s global ransomware attacks. “It’s not only the sheer magnitude of the attacks, but also that hackers are now crossing ethical boundaries,” says Tushar Kothari, CEO of Attivo Networks. “Friday’s attacks signify a change in ransomware attacks from holding files hostage to creating situations that impact human safety.”

Scroll to Top