Wannacry Ransomeware proves privacy advocates RIGHT - Wanna Cry Explained - The Hated One
FBTwitterReddit
video description
Rating: 4.0; Vote: 1
Wannacry Ransomeware proves privacy advocates RIGHT - Wanna Cry Explained - The Hated One
Windows patch:
On Friday 12 2017 a patient expecting his heart surgery was just getting prepared for his operation that was about to begin, when a surgeon walked into into the room announcing -the surgery has to be canceled because we-ve been hacked-. They saw a strange message on their Windows-based computer systems informing them that all their data have been encrypted and the only way to unlock them is to pay $300 in bitcoin. Failing to do so in three days would result in doubling the ransom and then completely shutting down after seven days should the victims refuse to pay. Within hours 48 of Britain-s National Health Service hospitals, offices and ambulances have been rendered unusable by this malware. 11 out of 14 Scottish NHS boards were also hit.
Soon, reports of Wanna Cry ransomware have emerged from Spanish telecom giant Telefonica, Protugal Telecom, US FedEx, Chinese schools, Italian university lab, Sweden-s local authority, Deutsche Bahn, Nissan-s manufacturing center in England, and even Russian Interior Minister. By the end of Friday, the malware spread to estimated 80 countries around the world. And from observing the Bitcoin traffic, around $33, 000 worth of cryptocurrency have circulated towards the Bitcoin accounts displayed on the ransomware. The malware was bound to become one of the largest cyberatacks in history and the most severe ransomware ever.
As of right now it is estimated that the Wcry ransomware could have affected over a quarter million computers in 150 countries. This malware was spreading through the internet like a worm, and not an ordinary cyber attack, utilizing the weaponized Microsoft Windows vulnerability EternalBlue, developed by the National Security Agency, and recently stolen and leaked by the Shadow Brokers hacker group. The attack was so serious that Microsoft released immediate security patches for version of the operating systems it no longer supports - including Windows XP, Windows 8, and Server 2003.
The problem was that the attackers only used a hole in the system to spread the virus they learned about almost exactly a month ago. There is no guarantee that even patched systems couldn-t get affected. In the meantime, a 22-year-old cybersecurity researcher from UK discovered a kill-switch by registering a domain name, which was hardcoded into the malware in case the attackers wanted to shut it down. However, nothing can stop them from bypassing this kill-switch by creating a variant with a different domain name. As of right now, the kill-switch only managed to stop massive spread of the virus into the United States. But that may just be temporary.
What-s most interesting in this hack is the timeline. So the first occurrences of the Wannacry began on May 12, and the EternalBlue exploit was leaked on April 14 the same year. However, Microsoft released a patch for this exploit exactly a month before it was released. It is not known how long Shadow Brokers have been holding the hacked information before releasing it to the public. But it leaves plenty of room for uncomfortable speculation. There are no official confirmations that the NSA hasn-t worked with the companies on weaponizing the exploits. But the NSA has been caught requiring companies not to fix the epxloits it discovered and wanted to use for cyber operations. Could the NSA discover they-ve been successfully hacked and that their information could be held by adversaries, and told Microsoft to release the patch? It appears to be extremely likely. There seems to be tight behind-closed-door cooperation between a state organization, funded fully by the taxpayers- money, and private technological conglomerates operating across the globe.
This attack is also a powerful argument for privacy advocates who have been saying all along that a backdoor vulnerability for our government, is the backdoor access for anyone else in the world. State intelligence agency has been weaponizing private companies- vulnerabilities, which have been stolen by someone, and then used by probably some medium-level Eastern European non-state hackers. The problem is that no amount of surveillance state can secure itself against the kind of threat that can emerge from anywhere in the world without any attribution whatsoever. The bigger the monster grows, the more exposed to hits it gets.
Wannacry is the worst infection since the Conficker worm attack in 2009 that infected millions of systems in 190 countries
The: Cyberspace is the new battlefield of modern warfare. The NSAs surveillance state efforts begin to backfire tremendously. Do you think we can expect more attacks exploiting NSAs own largeness? Date: 2022-03-20
