Over the weekend, global computer systems experienced the largest ransomware cyberattack ever. Experts do not think the attack is over yet.
In the UK, 45 of its National Health System operations were affected, interrupting patient care. In China, nearly 30,000 institutions, including government offices, banks, and hospitals were infected. "On Sunday, Europol described the attack as 'unprecedented.'" In all, there were approximately 200,000 computers in 150 countries, including FedEx in the United States.
The amount typically demanded was $300 to $600. Moreover, the attack affected systems that utilize Microsoft XP. According to US-CERT (United States Computer Readiness Team), "initial reports indicate the hacker or hacking group behind the WannaCry campaign is gaining access to enterprise servers either through Remote Desktop Protocol (RDP) compromise or through the exploitation of a critical Windows SMB vulnerability. Microsoft released a security update for the MS17-010 vulnerability on March 14, 2017. Additionally, Microsoft released patches for Windows XP, Windows 8, and Windows Server 2003 operating systems on May 13, 2017. According to open sources, one possible infection vector is via phishing emails."
Reports are emerging that the malicious code may have originated from North Korea. "Cyber attacks linked to North Korea, security experts claim," http://www.telegraph.co.uk/technology/2017/05/15/north-korea-linked-global-cyber-attack-experts-examine-ransomware/ (May 16, 2017).
Additional reports are that those infected and pay the ransom are not receiving the encryption key to unlock their files. Andy Greenberg "The WannaCry Hackers Made Some Real Amateur Mistakes," https://www.wired.com/2017/05/wannacry-ransomware-hackers-made-real-amateur-mistakes/ (May 15, 2017).
Microsoft urges customers to be "more aggressive" about installing the security patch the company had issued several weeks ago. Unfortunately, older versions of the Windows operating system were not addressed by the patch or perhaps organizations were not able to install it properly.
Unfortunately, a present-day patch will not fix an outdated or unsupported operating system. Robert McMillan "How to Protect Yourself From Ransomware," wsj.com (May 14, 2017); Chris O'Brien and Christina Boyle "'WannaCry' Cyberattack is Slowing Down; Experts Say It Could Have Been Much Worse," latimes.com (May 15, 2017); Nick Kostov, Jenny Gross and Stu Woo "Cyber Attack is Likely to Keep Spreading," wsj.com (May 15, 2017).