26 May

WannaCry Round-Up

The WannaCry ransomware virus has caused chaos around the world recently. Now that the panic has died down and the virus has been halted, let’s take a look at the main stories that are dominating the news.

 

WannaCry attack ‘linked’ to North Korea hacking group

A hacking group closely tied to North Korea was behind the massive WannaCry attack earlier this month, security company Symantec says..

The way the attack was set up made it “highly likely” that the Lazarus group was responsible, it said.

Lazarus has been blamed for a 2014 attack on Sony and the theft of $81m (£62m) from Bangladesh’s central bank.

In those attacks, the group is believed to have worked on behalf of North Korea’s government.

Rather than being a nation-state campaign, it said, it looked more like a “typical” cyber-crime campaign that sought to enrich its operators.

North Korea has denied any involvement with WannaCry, branding any claims it was behind it “ridiculous”.

The virulent WannaCry worm is believed to have infected computers at more than 200,000 companies.

Victims included more than 60 NHS trusts in the UK as well as Fedex, Renault and Telefonica.

On compromised computers, the worm encrypted files and demanded a ransom of $300 (£231) in bitcoins to unlock them.

So far, 300 victims are believed to have paid to have their files unlocked, generating a total ransom payment of $109,245.

Sony was attacked for releasing The Interview, which involves a plot to kill the North Korean leader A hacking group closely tied to North Korea was behind the massive WannaCry attack earlier this month, security company Symantec says. . The way the attack was set up made it “highly […]

 

NHS cyber-attack: No ‘second spike’ but disruption continues

A “second spike” in cyber-attacks has not hit the NHS but some hospital trusts are suffering ongoing disruption due to Friday’s ransomware attack.

Routine surgery and GP appointments have been cancelled across the NHS as it recovers from the global outbreak.

But the number of hospitals diverting patients from A&E has decreased from seven on Sunday to two.

Health Secretary Jeremy Hunt, who attended a Cobra committee meeting on cyber-security on Monday, said it was “encouraging” that there has not been any fresh attacks, although the National Crime Agency said this did not mean there would not be one in the future.

At least 16 trusts out of 47 that were hit are still facing issues, leading to further cancellations and delays to services, BBC research suggests.

Home Secretary Amber Rudd, who chaired the Cobra meeting on cyber security, said the UK was working with international partners in the global manhunt to find the ransomware’s creators.

“The National Cyber Security Centre and the NCA are working with Europol and other international partners to make sure that we all collect the right evidence, which we need to do, to make sure we have the right material to find out who has done this and go after them, which we will,” she said.

In July last year, the Care Quality Commission and National Data Guardian, Dame Fiona Caldicott, wrote to Mr Hunt warning that an “external cyber threat is becoming a bigger consideration” within the NHS.

It said a data security review of 60 hospitals, GP surgeries and dental practices found there was a “lack of understanding of security issues” and data breaches were caused by time-pressed staff often working “with ineffective processes and technology”.

Meanwhile, Security Minister Ben Wallace has insisted NHS trusts have enough money to protect themselves against cyber-attacks.

The “real key” was whether trusts had regularly backed up data and whether they were installing security patches, he said.

The government is insisting that the NHS had been repeatedly warned about the cyber-threat to its IT systems, with Defence Secretary Michael Fallon stating £50m was being spent on NHS systems to improve their security.

Shadow health secretary Jonathan Ashworth pointed to a report from the National Audit Office six months ago.

It highlighted how, in February 2016, the Department of Health had “transferred £950m of its £4.6bn budget for capital projects, such as building works and IT, to revenue budgets to fund the day-to-day activities of NHS bodies”.

WannaCry: What can you do to protect your business?

The WannaCry cyber-attack infected more than 200,000 computers in 150 countries, affecting government, healthcare and private company systems. But how easily could it have been avoided and how can firms protect themselves against future attacks?

On the face of it, the accepted narrative seems simple. Microsoft issued a patch, or update, for the vulnerability in its older Windows operating systems in March.

If all IT departments everywhere had implemented this patch immediately, the WannaCry ransomware worm wouldn’t have been able to run riot across the globe.

Top priorities

As well as keeping antivirus, firewall, application and OS software up-to-date, backing up key data regularly to offline hard drives should be a top priority, most cyber experts agree.

This is because data breaches and cyber-attacks are inevitable these days.

Share this

Comments (1)

192.168.1.1 192.168.l.l login
June 10, 2017 Reply

Very nice post. I just stumbled upon your blog and wished
to say that I have truly enjoyed surfing around your weblog posts.

In any case I'll be subscribing for your rss feed and I hope you write again very
soon!

Leave a reply