Stopping WannaCry – the Global RansomWorm Malware Epidemic
SnoopWall, Inc., the global leader in breach prevention, today is announcing this consumer advisory not only as a warning about what may be the worst piece of ransomware traversing the globe and locking up computers in most major countries but how to stop it.
According to SnoopWall, Inc.’s CEO and as disclosed on their website, today, the United Kingdom’s National Health Service, www.NHS.uk was hit with a massive ransomware attack that demands $300 in bitcoins for each system it infects – in the NHS this could total $500,000 USD in ransomware demands so far, due to malware propagation across more than one thousand Windows computers.
According to the FBI.gov, the WannaCry attack has since spread across the globe to more than 74 countries and hitting additional targets such as the Russian Interior Ministry and US-based FedEx.
According to Gary S. Miliefsky, The Shadow Brokers leaked a bunch of NSA hacking tools onto the Internet. One of these tools is called EternalBlue, which, according to experts, is a perfect exploit for creating a Windows worm – software that attacks a Microsoft windows vulnerability and then installs on the next vulnerable windows system as it traverses the Internet. WannaCry is the first piece of ransomware ever to propagate using this kind of worm technology.
According to Gary S. Miliefsky, the CEO of SnoopWall, Inc., a cybersecurity expert, “this is a watershed moment in cyber crime history, when automated exploitation of vulnerabilities in an operating system are using a worm to spread ransomware. This is the first, not the last, ransomworm.”
As shown on a map from another independent security researcher, MalwareTech, a large number of U.S. organizations have been hit. Source: https://intel.malwaretech.com/botnet/wcrypt According to the researcher, so far, at least 1,600 have been infected with WannaCry in America, compared to 11,200 in Russia and 6,500 in China as it continues to spread.
Miliefsky continued, “WannaCry opens the door for similar exploits on other operating systems such as SmartPhones and all Internet of Things (IoT) devices. Because these devices are sold with vulnerabilities and backdoors, expect worm-like ransomware outbreaks to spread to them next.”
INSTRUCTIONS TO CONSUMERS, BUSINESSES AND GOVERNMENT AGENCIES
If you have not yet been exploited, move quickly to close the hole: WannaCry leverages a hole, Microsoft fixed 2 months ago. If you have not installed Windows Security Update MS17-010, please take the time to install the proper patch for your version of Windows and do it quickly: https://technet.microsoft.com/en-us/library/security/ms17-010.aspx
Any computing device that connects to the internet should be frequently hardened. The latest patches should be installed. Contact manufacturers of your ‘smart’ equipment and demand security by design and frequent security patches to avoid this kind of risk.
RANSOMWARE AVOIDANCE 101 SUGGESTIONS:
While WannaCry spreads by exploiting vulnerabilities, most ransomware has spread through SpearPhishing attacks. SnoopWall has provided a simple training video to avoid these kinds of attaches. Training link: https://www.youtube.com/watch?v=TiBlXZWotxY
Simply put, don’t click links and don’t download attachments. Make sure you can trust the source before you do so. Do daily backups and test them when you can. If you know how to use encryption, it’s best to encrypt important information before it gets hacked or stolen.
About Gary Miliefsky
Gary is the CEO of SnoopWall, Inc. and a co-inventor of the company’s innovative breach prevention technologies. He is a cyber-security expert and a frequently invited guest on national and international media, commenting on mobile privacy, cyber security, cyber crime and cyber terrorism, also covered in both Forbes and Fortune Magazines. He has been extremely active in the INFOSEC arena, he is an active member of Phi Beta Cyber Society (http://cybersecurityventures.com/phi-beta-cyber/), an organization dedicated to helping high school students become cyber security professionals and ethical hackers. He founded and remains the Executive Producer of Cyber Defense Magazine. Miliefsky is a Founding Member of the US Department of Homeland Security (http://www.DHS.gov), the National Information Security Group (http://www.NAISG.org) and the OVAL advisory board of MITRE responsible for the CVE Program (http://CVE.mitre.org). He also assisted the National Infrastructure Advisory Council (NIAC), which operates within the U.S. Department of Homeland Security, in their development of The National Strategy to Secure Cyberspace, as well as the Center for the Study of Counter-Terrorism and Cyber Crime at Norwich University. Previously, Gary has been founder and/or inventor for technologies and corporations sold and licensed to Hexis Cyber, Intel/McAfee, IBM, Computer Associates and BlackBox Corporation. Gary is a member of ISC2.org and is a CISSP®. Learn more about him at http://www.snoopwall.com/media and http://www.garymiliefsky.com/
SnoopWall is the world’s first breach prevention security company delivering a suite of network, mobile and app security products as well as cloud-based services protecting all computing devices from prying eyes and new threats through patented counterveillance cloaking technology. SnoopWall secures mission critical and highly valuable confidential information behind firewalls with our award-winning patented NetSHIELD appliances and with WinSHIELD on windows and MobileSHIELD on Google Android and Apple iOS mobile devices with next generation technology that detects and blocks all remote control, eavesdropping and spying, based on the patented AppSHIELD SDK. SnoopWall’s software products and hardware appliances are all proudly made in the U.S.A. Visit us at http://www.snoopwall.com and follow us on Twitter: @SnoopWallSecure.
Latest posts by Ivy Heffernan (see all)
- Smart Investing – In Times of Crisis, JPY Thrives and Stocks Crash - April 9, 2018
- Why GBIT for 2018? - January 8, 2018
- China’s Yuan To Strengthen Against USD – Currency Analysis - November 26, 2017