WannaCry Outbreak Is Just A Tip Of An Iceberg

Uploaded on 2017-06-02 in NEWS-Cybersecurity News, GOVERNMENT-Law Enforcement, FREE TO VIEW, BUSINESS-Services-IT & Telecoms

Cybersecurity experts called the recent international cyberattack known as “WannaCry” among the worst they have seen, and warned about the country’s lack of cyber-security preparation.

“This is only the beginning of a very, very long list of bad stuff,” said Brett Scott, co-founder of the Arizona Cyber Warfare Range. “It’s about as bad as one can imagine. I suppose one day it will get worse because every time I think we’ve hit the limit, it always gets worse.”

Frank Grimmelmann, president and CEO of Arizona Cyber Threat Response Alliance, called WannaCry “simply the tip of the iceberg.”

“If vulnerabilities are there,” he continued, “it’s not a question of if you will be attacked or will they ultimately be successful. It’s a question of when.”

The WannaCry malware that swept around the world infected vulnerable computers and held the data on them hostage by encrypting files and demanding a ransom to unlock the files.

The attack made its way through multiple countries, including Russia, parts of Europe and the US Reports said the ransomware is believed to have been developed from digital tools devised by the US National Security Agency, stolen by a group of hackers known as the Shadow Brokers, and leaked online in April, reportedly to protest Donald Trump’s presidency.

The malicious software exploited a Windows computer vulnerability that allowed it to spread. A patch was released by Microsoft in March, but computers that had not been updated are at risk of infection.

Among the affected systems were hospitals, government offices, and FedEx. It was not the first ransomware attack, and experts are certain it will not be the last.

Tom Kellerman, CEO of Strategic Cyber Ventures said he and many in his industry see this as “almost a trial run.”

Kellerman said the inter-networking of smart devices has only increased vulnerabilities, “given all the opportunities that it provides” a hacker.

While WannaCry mostly hit business and government systems, Kellerman warned that the next targets could be homes.

“You can walk away from work and call it a day. But these things now will impact your personal life and safety at home, should they not be corrected soon,” he said.

Grimmelmann said he believes that businesses and individuals will ultimately adapt to combat cyber-attacks, but added that the WannaCry attacks demonstrated “the danger of knowing that vulnerabilities exist and not making vendors aware of them, therefore not having patched systems.”

Scott said because the attack utilised “state-sponsored weaponry,” the hackers exploited a “vulnerability that no one was aware of.”

“We are, as a country, very ill-prepared,” he said. “The US government does not know how to deal with the loss of their toys and because they don’t know how to deal with that, we are all suffering and we will all suffer a lot more.”

Scott said the future of cyber protection lies in the hands of businesses and individuals, and not solely in the hands of the government.

“I think that this is actually the moment when everyone can be called to the table and say, ‘Do you realise now that government is not the answer to these problems?’” he said. “Play time is over. It’s time to get serious.”

Ein News

You Might Also Read:

North Korea's Unit 180 Managed WannaCry Attack:

WannaCry Also Hit Windows 7 Systems:

 

Current Cybercrime Threats Originate In Espionage:

 

« Mystery British Airways IT Failure
Russian Hackers Sow Disinformation Via Leaks »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Tines

Tines

The Tines security automation platform helps security teams automate manual tasks, making them more effective and efficient.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Vitrociset

Vitrociset

Vitrociset design complex systems for defence, homeland security, space and transport. Activities include secure communications and cybersecurity.

Ethoca

Ethoca

Ethoca is a secure network for card issuers and merchants to connect and work cooperatively outside the payment network in a unique and powerful way.

Silverfort

Silverfort

Silverfort introduces the first security platform enabling adaptive authentication and identity theft prevention for sensitive user, device and resource throughout the entire organization.

Project Moore

Project Moore

Project Moore is an Amsterdam law firm specialising in IT-law and privacy.

CyberASAP

CyberASAP

CyberASAP provides expertise, knowledge and support to convert academic ideas into commercial products in the cyber security space.

Stamus Networks

Stamus Networks

Stamus Networks offers Scirius Security Platform solutions that marry real-time network traffic data with enhanced Suricata intrusion detection (IDS) and an advanced analytics engine.

TestArmy

TestArmy

TestArmy CyberForces provide you with a broad spectrum of cybersecurity services to test every aspect of your IT infrastructure security and software development process.

Pentesec

Pentesec

Pentesec is a security specialist offering professional services, managed security services and expertise within an extensive range of security technologies.

CICRA Consultancies

CICRA Consultancies

Cicra Consultancies is a company that specializes in cyber security. Our major activities are guided by three main principles: Prevent, Investigate, Prosecute.

Private Client Cyber Security (PCCS)

Private Client Cyber Security (PCCS)

PCCS provides enterprise-grade cybersecurity consulting and services to professional practices, executives, athletes, and high net worth families.

Zeus Cloud

Zeus Cloud

Zeus Cloud provide clients with world-class web hosting services to businesses both big and small.

CERT.ar

CERT.ar

CERT.ar is the national Computer Emergency Response Team for the technical-administrative management of computer security incidents in the National Public Sector of Argentina.

Foresights

Foresights

Foresights is a Nordic company utilizing advanced intelligence tradecraft and extensive cyber security capabilities to deliver services and advisory tailored to our client’s critical requirements.

Cloudbox

Cloudbox

Cloudbox build and maintain a highly secure, compliant IT infrastructure for our clients – with total peace of mind – so they can focus on the market.

OryxAlign

OryxAlign

OryxAlign offer managed IT and cyber security, cloud and digital transformation, and tailored professional and consulting services.

Supersecure

Supersecure

Supersecure is a Managed Security Service Provider (MSSP) offering a wide range of information security solutions.