The WannaCry ransomware attack that took place late last week on May 12th has been an aggressive wake-up call for businesses and governmental organizations throughout the world to take their data backup and recovery more seriously. The culprit(s) behind the attack have not been identified yet, but Europol predicts that this week the ransomware will broaden its reaches.
Countries in Europe and Asia reported that their Windows-based systems fell prey to ransomware that held their sensitive and consistently used data hostage for a sum of $300 in Bitcoin encrypted currency per infected machine. The amount doubled on the 15th of May, coming to a total of $600 per machine. The rub here is that the files would be ultimately lost on the 19th of May if the ransom was not met. The criminals involved stated that upon payment a decryption key would be sent to the user, but this statement ultimately could not be verified or trusted.
The most disturbing news about the attack was that the malware used to initiate the attack was based off the National Security Agency’s list of exploitable vulnerabilities list that was leaked a month prior. Microsoft has officially lambasted the NSA for its negligence in regards to protecting its hacking tools from falling into malicious hands.
Now, what does this mean for the tech and data industry? It has become apparent that sophisticated hacking tools can and have been acquired by state or non-state entities to cause disruption, chaos, and confusion for whatever sinister end they deem fit. The average computer user who deals with sensitive data, whether personal or commercial, should first confirm that they are running the most up-to-date version of their operating system. Then, users should check the status of their anti-virus applications, making sure that they are utilizing the most appropriate system for their level of anticipated risk.
Since the attack, the question we should all be asking ourselves is “Do we have a sound plan to backup, store, and recover our data?” This question should be answered sooner rather than later. The consensus is that this wide scale ransomware attack is far from being an isolated incident. With leaks becoming more commonplace from security agencies around the world, these attacks may mark the beginning of a dangerous trend.
In the last decade alone, data has become one of the most valued resources in almost every industry around the globe. Criminals around the world are taking to the internet in search of the means to access sensitive data to ultimately wreak havoc for their benefit.
Don’t let the hackers win. Be proactive and seek solutions to keep your data uncompromised. Determining the best means for scheduling regular backups and formulating a recovery plan is the best strategy to becoming more involved in protecting your data. The trend in cyber-related criminal activity will only increase as our means and dependency on data rises in the years to come.
The danger from the most recent ransomware attack seems to have slowed, but hasn’t come to a complete halt. The suspension of the infection was enabled by an anonymous Twitter source, Malwaretech, who registered the malware’s domain name of nonsensical letters and numbers to facilitate a positive reply, rendering it inactive. The concern here is that the hackers behind the malware need only to change the domain name in the virus’ code to essentially bring us back to the initial dilemma.
Let this week’s occurrence be a prime example as to why everyone, whether they are involved in data management or otherwise, should be thinking about the potential risks they face. Solutions to data breaches are abundant and vary in quality; do research and have consultations with those who understand the security landscape to find the best fit for your situation.