Will the WannaCry ransomware serve as a meaningful infosec wake-up call?

Described as “unprecedented” in scale by Europol, the wave of WannaCry ransomware attacks over the last four days brought hospital infrastructure to its knees. But ransomware is no new threat: will WannaCry finally act as a catalyst to a wider infosec wake-up call?

WannaCry was launched on Friday 12 May, and by the end of the weekend it had affected more than 200,000 IT systems worldwide. Independent researcher Kafeine discovered WannaCry was using code based on the NSA’s EternalBlue exploit, which was publicly leaked by a hacker group called the Shadow Brokers in April this year. EternalBlue exploits a vulnerability in the Microsoft Server Message Block (SMB) file-sharing protocol, which allows the ransomware to spread across the local network in the manner of a network worm. An infected device will display a message demanding up to roughly $600 (£460) in bitcoin payment to decrypt locked files.

Home secretary Amber Rudd confirmed that one in five NHS England trusts were hit by the attack. She said that no patient data had been stolen – and while that’s a plus, operations were affected, with hospitals and GP surgeries turning patients away.

Many of the trusts were running Windows XP, an operating system that has not been officially supported for most users since April 2014. Microsoft patched the vulnerability behind the exploit, but older, legacy software and operating systems without Windows Update, such as XP, would have remained at risk. Following the wave of attacks, Microsoft took the unusual step of issuing a patch for older versions of Windows to help resolve the problem.

A report from Citrix, based on a Freedom of Information request, found that the majority of NHS Trusts were still running Windows XP. The government ended a £5.5 million contract in 2015 for customised support for the dated operating system.

Britain’s National Cyber Security Centre claimed it was working closely with the National Crime Agency “around the clock” to address the problem.

Read full news article on CSO