WannaCry Outbreak Is Just A Tip Of An Iceberg

Uploaded on 2017-06-02 in NEWS-Cybersecurity News, GOVERNMENT-Law Enforcement, FREE TO VIEW, BUSINESS-Services-IT & Telecoms

Cybersecurity experts called the recent international cyberattack known as “WannaCry” among the worst they have seen, and warned about the country’s lack of cyber-security preparation.

“This is only the beginning of a very, very long list of bad stuff,” said Brett Scott, co-founder of the Arizona Cyber Warfare Range. “It’s about as bad as one can imagine. I suppose one day it will get worse because every time I think we’ve hit the limit, it always gets worse.”

Frank Grimmelmann, president and CEO of Arizona Cyber Threat Response Alliance, called WannaCry “simply the tip of the iceberg.”

“If vulnerabilities are there,” he continued, “it’s not a question of if you will be attacked or will they ultimately be successful. It’s a question of when.”

The WannaCry malware that swept around the world infected vulnerable computers and held the data on them hostage by encrypting files and demanding a ransom to unlock the files.

The attack made its way through multiple countries, including Russia, parts of Europe and the US Reports said the ransomware is believed to have been developed from digital tools devised by the US National Security Agency, stolen by a group of hackers known as the Shadow Brokers, and leaked online in April, reportedly to protest Donald Trump’s presidency.

The malicious software exploited a Windows computer vulnerability that allowed it to spread. A patch was released by Microsoft in March, but computers that had not been updated are at risk of infection.

Among the affected systems were hospitals, government offices, and FedEx. It was not the first ransomware attack, and experts are certain it will not be the last.

Tom Kellerman, CEO of Strategic Cyber Ventures said he and many in his industry see this as “almost a trial run.”

Kellerman said the inter-networking of smart devices has only increased vulnerabilities, “given all the opportunities that it provides” a hacker.

While WannaCry mostly hit business and government systems, Kellerman warned that the next targets could be homes.

“You can walk away from work and call it a day. But these things now will impact your personal life and safety at home, should they not be corrected soon,” he said.

Grimmelmann said he believes that businesses and individuals will ultimately adapt to combat cyber-attacks, but added that the WannaCry attacks demonstrated “the danger of knowing that vulnerabilities exist and not making vendors aware of them, therefore not having patched systems.”

Scott said because the attack utilised “state-sponsored weaponry,” the hackers exploited a “vulnerability that no one was aware of.”

“We are, as a country, very ill-prepared,” he said. “The US government does not know how to deal with the loss of their toys and because they don’t know how to deal with that, we are all suffering and we will all suffer a lot more.”

Scott said the future of cyber protection lies in the hands of businesses and individuals, and not solely in the hands of the government.

“I think that this is actually the moment when everyone can be called to the table and say, ‘Do you realise now that government is not the answer to these problems?’” he said. “Play time is over. It’s time to get serious.”

Ein News

You Might Also Read:

North Korea's Unit 180 Managed WannaCry Attack:

WannaCry Also Hit Windows 7 Systems:

 

Current Cybercrime Threats Originate In Espionage:

 

« Mystery British Airways IT Failure
Russian Hackers Sow Disinformation Via Leaks »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 7,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Vertical Structure

Vertical Structure

Vertical Structure services include Security & Penetration Testing, Information Assurance, Bespoke Training Programs and Secure Hosting.

InformationWeek

InformationWeek

InformationWeek is the world's most trusted online community for business technology professionals like you.

Assured Enterprises

Assured Enterprises

Assured Enterprises provides comprehensive cyber risk identification, management and mitigation across all platforms.

Communications Authority of Kenya

Communications Authority of Kenya

The Authority is responsible for facilitating the development of the information and communications sectors including; broadcasting, telecommunications, electronic commerce and cybersecurity.

Trinity Cyber

Trinity Cyber

Trinity Cyber’s patent-pending technology stops attacks before they reach internal networks,reducing risk and increasing cost to adversaries.

Cyber Resilience

Cyber Resilience

Cyber Resilience offer an intensive program designed to help you create strategies to quickly become cyber resilient and to manage cyber risks in a measurable and predictable way.

Vortiv

Vortiv

Vortiv Ltd (formerly known as Transaction Solutions International Ltd) is a technology based company focused on the cybersecurity and the cloud services sector.

Envieta

Envieta

Envieta is a leader in cryptographic solutions. From server to sensor, we design and implement powerful security into new or existing infrastructure.

doIT Solutions

doIT Solutions

doIT solutions specialize in IT security and infrastructure, security automation, data center, and cybersecurity.

Axellio

Axellio

Axellio provides economic, end-to-end cyber security solutions designed for your team, environment, and security objectives, providing packet level visibility across your network.

Think|Stack

Think|Stack

Think|Stack is a managed IT services company specializing in cloud and cybersecurity with human-centered design.

Salem Cyber

Salem Cyber

Salem Cyber builds Artificial Intelligence (AI) solutions that work collaboratively with people to address scalability challenges in cybersecurity operations.

Apollo Information Systems

Apollo Information Systems

Apollo is a value-added reseller that provides our clients with the complete set of cybersecurity and networking services and solutions.

Marcum Technology

Marcum Technology

Marcum Technology consultants are focused on helping you reach your company’s full potential by exploring creative ways to integrate tomorrow’s technology into your business today.

Akto

Akto

Akto, the plug & play API security platform. Discover your APIs, run tests and find business logic vulnerabilities at ludicrous speed.

PureSquare

PureSquare

PureSquare exist to empower people with simple solutions for their increasingly complex digital security & online privacy needs.