EDITOR’S QUESTION
WHAT DO ENTERPRISES
IN THE MIDDLE EAST
NEED TO INVEST
IN TO REDUCE THE
POSSIBILITY OF A
RANSOMWARE ATTACK?
The chaos created by the WannaCry
outbreak highlighted the truly disruptive
force of ransomware. a victim took too long to pay, and
eventually they were unable to pay to
have files returned.
Considered to be the most dangerous
ransomware outbreak to date,
WannaCry’s impact was significant
with financial, energy, transportation
organisations and national
infrastructure all coming under fire. Furthermore, there are reports of
victims paying and not even receiving
decryption keys.
There was no discernible pattern to the
organisations that were targeted with
the malware spreading indiscriminately
across the world with no apparent
control by its operators.
Perhaps most disturbing was its impact
on the real lives of ordinary people. In
the UK, for instance, the attack upon the
NHS saw operations cancelled, X-rays,
test results and patient records becoming
unavailable and phones not working.
The demand of a ransom suggested
WannaCry was the work of
cybercriminals, although given the
sheer scale of disruption, some
experts considered the involvement
of a nation state. Despite endless
analysis from security teams
researching the threat no agreement
was reached about the identity of the
guilty parties.
The WannaCry attacks had the goal
of encrypting files and demanding a
payment from the victim - mostly in the
form of a Bitcoin payment in order to
decrypt their files. To further complicate the issue, while
malware may initially be developed
by a single party, this does not mean
copycats will not get hold of it and
use it for their own ends. It is possible
that Malware samples might have
been accidentally or intentionally
leaked, stolen, sold, or used in a
breakaway operation by rogue
members of a group.
With one strain of WannaCry users
were prompted to pay $300 in Bitcoins
to get their files back. But in a sinister
twist the cost went up to $600 if While finding out the identity of
those responsible for WannaCry may
satisfy our curiosity, it is perhaps more
important to learn lessons from it
INTELLIGENTCIO
76
76 INTELLIGENTCIO
especially given the likelihood of the
ransomware threat staying with us.
Rick Holland, Vice President, Strategy,
Digital Shadows, said: “Unfortunately
the ransomware ‘business model’
is very profitable for cyber criminals
and we’ve seen multiple reports of
organisations paying out in the past.
“Keeping up-to-date with ransomware
is not easy, there are many variants.
Many do get shut down and their
encryption cracked, only for another
version to spring up – therefore it’s a
constant game of cat and mouse.”
The attack on 200,000 plus computers
across more than 120 countries around
the world by WannaCry ransomware
certainly got the attention of
governments, media, consumers and
law enforcement. But the actual impact
could have been so much worse.
“Much ink is still being expended trying to
determine who was responsible and what
their motives were and many believe this
might have been the act of inexperienced
hackers who lost control of their creation.
Certainly, at the time of writing, none of
the ransom has been collected from the
bitcoin accounts victims were encouraged
to send their money to” said Holland. ¡
www.intelligentcio.com
www.intelligentcio.com