One of the worst global malware attacks to date has infected nearly 200,000 computer systems in almost 150 countries. The malware attack, referred to as "WannaCrypt" or “WannaCry”, encrypts or freezes all files on computers and requests $300 in Bitcoin currency in exchange for returned access to the files (bgr.com). If the ransom isn’t paid after a few days, it is then doubled. If it is not paid after seven days, all files will then be deleted. Over the weekend the malware creators have made over $32,000 from organizations that paid the ransom in order to regain access to their files.
Unlike other malware attacks that are enabled through phishing attacks like emails, this malware travels through the internet, like a virus, and attacks a Windows weakness called “EternalBlue”, discovered by the NSA. Microsoft released the fix for this weakness in March, and once installed, should keep your Windows computer safe. Organizations that use devices that run on Windows XP, Windows 8, or Windows Server 2003 should immediately install the Microsoft security update.
If a system has already been infected, the installation of these updates will not resolve the issue. Organizations all over the world and antivirus companies are working on decryption tools to undo this massive malware hack, but as of yet, there is no solution. It has yet to be determined who is responsible for the WannaCry attack.
Governmental, financial, commercial, and healthcare organizations have been affected by the malware. Organizations with outdated systems are more susceptible to the malware threat. Due to how reliant we are on technology, the impact on individuals and organizations can continue to grow as the malware continues to spread.
Many healthcare organizations all around the world have fallen victim to WannaCry. Hospital systems in the UK had to cancel appointments for patients due to frozen files and are currently attempting to recover from the attacks. Patients have been turned away from receiving care in certain health institutions due to the malware. In an industry so important to the well-being of individuals like healthcare, it is difficult to find a solution other than paying the ransom in order to continue to provide services.
In order to reduce the likelihood of your organization falling victim to this malware, it is important to keep your cybersecurity systems up to date. This attack has served as a reminder for organizations to keep cybersecurity a priority. In the future, we see a continued increase in the importance of IT departments and the development of processes to keep systems updated to reduce the risk of hacks.