May 18, 2017
WannaCry - How it spreads…
Would you be able to detect a virus before it encrypted the whole of your computer system?
If you could detect a virus, would you be able to stop it before it started to spread? If you answered no to either of these questions, then you are not alone.
Most viruses, like the recent outbreak of WannaCry, creep into your computer systems against your wishes often masked behind email attachments, online pop-up ads or even programme updates. Once clicked or opened these links will trigger the malware takeover. The virus will then begin to seep into every part of your computer system, feeding off any available memory and attacking any data in its path. WannaCry feeds off vulnerability. The virus attached to vital networks and began to multiply rapidly. A weak network where perhaps updates have not been initiated and patching has weakened programme codes, enabled WannaCry to create copies of itself and filter through computer systems. The infected files were held to ransom causing unexpected amounts of downtime and the worry that most files will never be fully recovered.
So how does it all start? If like most you work in an environment where attachments are sent left, right and centre, you may not think twice before opening a new file. Although the direct cause of the outbreak is yet to be confirmed, it has been reported that phishing emails could be the main culprit. Over the course of Friday, WannaCry had encrypted over 200,000 systems in over 150 different countries across the globe.
In the UK the hackers gained access to the NHS database. Their systems were shut down causing surgeries to be cancelled, appointments to be rearranged and doctors unable to access patients medical files. Although business is trying to run as usual, the state of the NHS is yet to be confirmed.
Telefonica the Spanish multinational broadband and telecommunications provider with over 340 million customers, working with O2 in the UK and Moviestar in Spain, were hit with WannaCry. Telefonica are said to be unsure as to why they were vulnerable to this malicious attack, however it is reported that around 8% of the world’s data is passing through its networks throughout the day. Staff at the global company were greeted with the Ransomware message demanding a payment in bitcoins.
The German train operator, Deutsche Bahn, was hit on Saturday. Travellers tweeted pictures of departure boards with the ransom message as opposed to the train times. The company did report trains were running as usual but most electronic boards showed signs of encryption.