WannaCry Ransomware Exploding Across the Globe
UPDATE: Microsoft releases version of MS17-010 SMBv1 on earlier platforms like XP and 2003. Also recommends deploy update ASAP!
As many of you know, there is a ransomware attack exploding across the globe. The last headline I read estimated that 90 countries were impacted. This could be one of the biggest cybersecurity incidents we have seen to date. The impact to hospitals is catastrophic and it’s absolutely inexcusable that people’s lives are being put at risk. Seeing ransomware attacks against a hospital gets my blood boiling, and I have some choice words about it, but will refrain for now.
What I do want to address is how this happened. I have seen a number of knee-jerk responses to this incident and want to take a step back and analyze them because I think some people are too close to the issue at the moment.
By now, you have likely seen many claims about the root cause of this attack – from the MS17-010 update not being applied to the “Crazy Bad” vulnerability discovered earlier this week in the Microsoft Malware Protection Engine, to phishing scams. In actuality, what we’re seeing is combination. Most effective malware has the ability to adapt and use a number of exploits to infect and propagate. We are witnessing a jackpot or perfect storm combination that has allowed this attack to be so effective so quickly. It reminds me of incidents like Conficker, where all the right exploits came together to create the Mona Lisa of cyber attacks.
Read the entire article here, WannaCry Ransomware Exploding Across the Globe
via the fine folks at Ivanti.