Wannacry ransomware attack

Wannacry ransomware attack

Wannacry ransomware attack

The Wannacry ransomware attack proved us again how the human factor coupled with the vulnerabilities inherent to the information systems can cause tremendous damage to the worldwide digital economy.

The schema used is not revolutionary and is based on a conjunction of known techniques.

  1. Exploiting a vulnerability that has been discovered but not patched by the software or hardware vendor
  2. Using the human factor weakness to activate the malware on the operating system
  3. Having access to the low level system instructions that enables the total encryption of the data stored on the system.
  4. Using worms to facilitate the light speed propagation of the attack on the network of the victims
  5. Using the darknet mechanisms in order to receive the ransom via bitcoin

With the scenario described above, the victims are, in the vast majority of cases, disarmed, especially if they were not prepared via security awareness campaigns and if the CIO and CSO did not implement adequate preventive, detective and corrective controls.

Jeff Primus, CEO of ACTAGIS, was interviewed on this subject for the show “Toutes Taxes Comprises”, aired on the RTS on 15 May 2017 (in French).

Since the beginning of the attack more than 150 countries have been hit by Wannacry and the damages to the worldwide economy can easily estimated to billions of dollars, if we consider the business interruptions caused to thousands of companies worldwide.

In order to reduce the probability and the impact of such events, companies should reinforce the awareness level of their users and patch their systems in a frequent and systematic way. Last but not least, a well designed and implemented business continuity architecture, would permit the enterprises and users to recover their information systems and data to a coherent state, as they were just before the attack.

Wannacry screen seen by the victims of the cyber-attack.

We should all be reminded that we are in a field where never ending battleswill probably continue forcing us to be better and better prepared for the future evolutions of more and more sophisticated threats.

The human factor will always be the biggest vulnerability that the attackers will exploit. And the major area where security can be improved.

©2017 Jeff Primus, ACTAGIS