Less than a month ago, an unprecedented cyberattack infected nearly a quarter of a million computers in over 150 countries, effectively halting business around the world.
Dozens of major organizations, including the U.K.’s National Health Service and Germany’s railway Deutsche Bahn, closed, turning away patients and paying customers, and proving that cybersecurity is not nearly as advanced as most firms believed.
The malware used in the attack, a ransomware dubbed WannaCry, is perhaps the most effective hack to date — but many security experts predict the worst is yet to come.
Barely a few weeks old, WannaCry is already being dubbed the worst and most widespread malware attack in history. With unprecedented speed, the malware spread to more than 300,000 machines in 150 countries, stealing data and locking down computer use. A form of ransomware, WannaCry encrypts its victims’ files, promising their decryption upon receipt of $300 in bitcoins. After three days, the virus ups the ransom to $600 in bitcoins, and if a week passes with no response, WannaCry deletes all encrypted data, eliminating any hope for retrieval.
The reason WannaCry was able to afflict so many machines is actually absurdly simple. Many of those machines were running so-called “legacy” software, or outdated tech that no longer receives updates or patches. Big companies are most at-risk for harboring legacy software because large-scale updating or upgrading is time-consuming and costly. However, updates tend to address security vulnerabilities that hackers can use. Indeed, the hackers who built WannaCry used an exploit called EternalBlue, which was allegedly developed by the U.S. National Security Agency to gather intelligence from digital devices. A hacker group called Shadow Brokers released the exploit, and WannaCry integrated it for maximum effect.
Within days of its release, WannaCry confounded thousands of businesses and individuals around the world. Slowly, organizations have been able to resume services, but many afflicted groups are still struggling to return their systems to normal. The attack is far from over, though it has slowed significantly since a novice security researcher accidently interrupted the virus’s operations by registering a domain name found in the ransomware’s code. This delay has given professionals some time to trace the malware to its source and develop protections against other attacks like it.
As yet, there is no tried-and-true fix for WannaCry. Users can keep themselves safe from the virus — and other malware like it — by installing reliable ransomware protection for business and home. Additionally, users should be sure to have the most recent updates for all software, and it helps to have backups of important data stored on the cloud or an external hard drive. These actions should soften the blow of all ransomware — even the cataclysmic global attack experts say is on the horizon.
Worse Hack in the Works
Even in the thick of the WannaCry attack, security firm Proofpoint believes it has identified a more insidious virus that could be even more disastrous. This malware — dubbed Adylkuzz for the strangely named program found on computers — doesn’t behave like typical ransomware; that is, it doesn’t encrypt files and demand payment, immediately making itself known. Instead, the virus silently and secretly installs a cryptocurrency miner, which coopts a user’s computer’s processing power to generate cryptocurrency for the hackers. Adylkuzz works to generate a cryptocurrency called Monero, which has an exchange rate of about $28.44 for every crypto-coin.
While this might sound like a victimless crime, it is important to remember that computer processing isn’t free. In fact, cryptocurrency mining is arguably among the most labor-intensive activities for computers, which must pull in outrageous amounts of electricity and devote abundant time and energy to the task. Effectively, Adylkuzz prevents users from using their own machines efficiently, and it dramatically increases their energy bills, to boot.
Adylkuzz uses the same exploit as WannaCry, EternalBlue, as well as another NSA hacking tool called DoublePulsar. Already, experts believe Adylkuzz has netted at least $45,000, but because users might not be able to identify Adylkuzz immediately, it’s likely the malware’s creators will earn dramatically more. Compare this to WannaCry, which managed to make only about $80,000, and whose creators are unlikely to be able to access their cash without being caught.
Malware isn’t good for any machine, but the intense viruses that are emerging these days could absolutely ravage a home or business network. Users must practice safe computing if they hope to stay secure in the coming years of the Digital Age.