<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=649110235249474&amp;ev=PageView&amp;noscript=1">
Consult an Expert
       
Security

WannaCry .png

The Federal Government has confirmed that eight Australian Small Businesses have been hit by a huge Malware attack orchestrated globally on the weekend. Whilst the Prime Minister's Cybersecurity Advisor has warned that the "game is not over" between hackers and cybersecurity companies. Globally the attack compromised around 200,000 machines, one of the largest in history. 

It all happened in less than two days created with information leaked from the NSA. In this short amount of time it spread like wildfire across the globe and infected hundreds of thousands of PC's. The Ransomware strain is simply known as WannaCry. The thing about this particular strain of Ransomware, and all others, is that it doesn't discriminate; so PC's residing at critical operations like hospitals and schools were rendered inoperable. 

What is WannaCry?

WannaCry ScreenShot.png

WannaCry is a form of Malware known as Ransomware that attempts to render a computer useless by encrypting files then demanding a payment to regain access. While the ransom demands vary for different strains of Ransomware, WannaCry victims are asked for US$300 and then later US$600, if the user still refuses to pay up they are threatened with a complete delete of all of their files. 

What are the impacts?

Across most sources this is being accepted as one of the worst Ransomware attacks in history. At the time of writing this article it is thought that up to 3,600 computers an hour are being affected by this insidious version. 

Assistant Minister for cyber-security Dan Tehan said the ransomware had not affected Australia's critical infrastructure or Government agencies. "This is absolutely a wake-up call," he said. "We have to understand that ransomware costs the Australian economy $1 billion a year conservatively."

How is it spread?

A brief explanation on how it is being spread:

The underlying tool is believed to be the EternalBlue program developed first by American security services and subsequently leaked. A quick definition on how it spreads is such:

  • The ransomware is using a known, publicly disclosed exploit in SMBv1 (Server Message Block Version 1). It is an application-level protocol used for sharing files and printers in a networked environment.

What can I do right now to protect myself?

How Protected are you From Ransomware