Just over a week ago the WannaCry ransomware made many in the NHS and the cyber security industry start to shed a tear or two.
What is being now referred to as the largest sale ransomware attack, to date, has understandably obtain detailed press coverage and industry analysis across both the mainstream and IT business press.
One story that very quickly rose to prominence around this cyber attack was the tale of Marcus Hutchins, a 22-year-old British cybersecurity researcher, who managed to slow down the spread of WannaCry from a bedroom at his parents’ house.
The ‘accidental hero’ story, tells how Marcus obtained a copy of the ransomware and that it was querying an unregistered domain, which he then promptly registered. Marcus put a incredibly detailed explanation of his work on his personal blag, and although it made my head hurt, I’m sure that many cyber security experts will find it of great interest. I’m in no doubt that thanks to his work, Marcus will not be short of work offers in the near future.
WIRED Magazine analysed the developing story and concluded that although this was the worst digital disaster to strike in many years, it was not the work of hacker and cyber criminal master minds, more a slightly sloppy scheme that had many amateur mistakes within it.
Some of the errors that they highlighted were, including building in a web-based “kill-switch” that cut short its spread, unsavvy handling of bitcoin payments that makes it far easier to track the hacker group’s profits, and even a shoddy ransom function in the malware itself. This lead them to believe, based on reports from industry analysts that the system makes it impossible for the criminals to know who’s paid the ransom and who hasn’t, which by any measure is a bit of a flaw!
The estimate that despite its wide ranging infection, it has not led to the vast gains associated with ransomware, believing that at the time they published their article that only $55,000 had been earned. It would certainly appear that this outbreak was certainly a case of scale over substance, however WIRED warns that the next set of criminals may be far more skilled at fuelling the spread of their epidemic—and profiting from it.
The natural assumption from a wide ranging, but not highly profiteering ransomware attack would be of course to see it as a ‘wake up’ call for all those who to date have not taken even the most basic of recommended preventable action. However, SC Magazine was not so optimistic.
Their analysis, based on the low financial impact of this attack was that it didn’t make a big enough dent in any single business or personal fortune to greatly influence a behavioural change. With that in mind and with precious little political pressure for change, it creates little motivation for companies and their security teams to improve cybersecurity.
In many conversations that I have had with a wide range of cyber security experts, researchers, penetration testers and consultants, they have all expressed that what is ’needed’ but not necessarily ‘wanted’ was a large scale attack, with minimal impact to jolt people into action. Well, we’ve had the attack, but so far not much action.
It looks like all WannaCry has created is a lot of crocodile tears.
For links to all these stories and more, or to contribute with some comments join us by searching for the National Cyber Skills Centre on our social channels of FaceBook, LinkedIn and Twitter, or just click the relevant links from our website.