Ransomware infections still successful
Another ransomware outbreak is spreading throughout several businesses in Europe and the UK. Indicating clearly that the need for network security improvements continues to rise.
The media is reporting this current outbreak as another “cyber-attack”. This serves to make it seem like a targeted assault on the affected companies and that isn’t entirely truthful. There currently doesn’t seem to have been any indication that businesses are under attack. Based on the type of infection, these businesses have fallen prey to exploits that have not been properly addressed.
Not a new risk
This current ransomware infection , while it does have multiple methods of attack, uses a vulnerability found in Microsoft operating systems. This vulnerability grants the ransomware access to files stored in Windows or network shares that Windows has access to. Reports indicate that these infections have been most successful against Windows 7 64-bit clients.
What makes these facts so very interesting is that the WannaCry exploit terrified the world back in May using the same vulnerability. The reason that WannaCry was so successful at doing harm was due to the fact that the affected machines had not been updated. The vulnerability used by these infections is a long-standing issue in a Windows technology that really isn’t required anymore. Knowing this, Microsoft released a patch to prevent this vulnerability from affecting their customers three months prior to WannaCry’s successful campaign.
Here we are, several weeks after WannaCry’s successful spread, and a new ransomware is taking the stage using the same unlocked door. A door which could have easily been nailed shut by some simple security updates and ensuring solid security measures were in place.
The affected companies have fallen victim to a lack of preparedness. Doubly embarrassing would be the lack of security measures taken following the last outbreak. Imagine your neighbour’s home has been broken into because of a problem with their door lock. This type of event causes fear and evokes a sense of violation in the victims and those close to them. Now imagine going to work three weeks later, knowing that your home has the same locks and you haven’t repaired or replaced them, and then returning to the scene of a break-in. A simple preventative measure could have saved a great deal of risk. These ransomware outbreaks take advantage of that same lack of preparedness.
We’re hearing from the affected companies, via the media, that they are under attack. This shifts responsibility for these issues onto the creator of the infection. While it’s true that the type of mentality that causes someone to create malware is beyond reproach, the responsibility is not theirs alone. Microsoft Windows is capable of keeping itself up to date. In the case of these infections simply allowing Windows to do what it was designed to do would have prevented so much damage.
Ask your IT staff or provider how well you are protected. Ensure that you understand the answers. If the answers don’t make sense, ask them again. Those who seek to do harm by writing software like this are not going away.
We all share the responsibility for protecting ourselves and preventing the spread of viruses and other harmful software.