WannaCry: The impact of poor cyber security

Unless you’ve been hiding under a rock for the past week, you’ll be aware of the ransomware WannaCry. It has been estimated that over 200,000 computer systems across the world were infected, affecting more than 150 countries. This is, of course, not the first ransomware virus to have been created, but its indiscriminate nature has meant that it has spread incredibly quickly, and caused disruption for many.

The malware holds the computer system’s data hostage, threatening to remove all of the data on the computer unless the user pay the equivalent of £230/$300 in Bitcoin. It has been reported by large news outlets that whoever is behind the attack, something that remains unknown, has managed to unlawfully take over £84,000 from computer users. This may seem like a large sum of money, but in comparison to other viruses (such as a slightly less reported virus, being dubbed by Reddit users as ‘WannaMine’) this is actually a relatively small amount.

Many large companies and organisations were affected by the ransomware; reportedly the Russian embassy, Renault factories in France, the NHS in the UK and Fedex have all been affected. For most of us, having our computer data held ransom would be a massive inconvenience, but for those working in the NHS on Friday 12th of May, WannaCry had serious consequences on hospital workers ability to treat patients, as according to the BBC 47 trusts were hit with the virus.

There has been a lot of speculation over the course of the last week with regard to who may be responsible for this attack. Much of the speculation indicates a political motivation for the spread of this ransomware, most likely because the origin of the Microsoft exploit: the exploit, called Eternal Blue, was developed by the National Security Agency (NSA), a USA government department.

Initially, many people suspected Russia may have had something to do with it, but after an official statement from Russian President Vladimir Putin stating that Russia “had absolutely nothing to do with it” and taking into account the fact that Russia itself has been affected by this attack, it seems unlikely.

Another nation suspected of being behind the attack is North Korea, but the fact that China, one of North Korea’s main allies was also affected, and evidence shows hackers intended for this to happen as there was a version of the software written in Chinese, also points that this is unlikely.

It is very possible that due to the indiscriminate nature of this attack, the motivation behind the cyber-attack was in fact not political at all. Europol’s Jan Op Gen Oorth has claimed to be working on a decrypting tool in order to find the culprit.

The response to the attack has been dramatic. For example, Julian King, the EU Commissioner for Security, has told the BBC that the EU is proposing legislation to reinforce cyber security. It has been reported that the Cybersecurity Stocks have boomed after the attack, as there is an expected increase in spending on IT security. Due to the skills gap with regard to cybersecurity, companies affected are having to outsource to cybersecurity companies in order to have their systems decrypted.

In response to this ransomware attack that has captured the attention of millions across the globe, highlighting the vast skills gap that has been reported earlier this year, our partner Estio Training is offering a one week free Microsoft course ‘MTA in Security Fundamentals’ to any client that appoints an apprentice during May/June.

To find out more about these offers please get in touch via email or call us on 01133 500 555.