All around the world, hundreds of thousands of computer users have been confronted with a big red screen demanding in big red letters a payment of up to $600 in bitcoins to unlock it.
They had fallen victim to the ransomware virus WannaCry, which locked up more than 200,000 computers in more than 150 countries on May 12, 2017.
While the initial WannaCry virus was partially stopped in its tracks after a couple of days, the full extent of the damage remains unclear, and there are fears that a second wave of ransomware viruses could soon be on its way.
“WannaCry’s worm-like behavior and its ability to easily propagate across the organization make this a particularly dangerous strain of ransomware,” says Ed Stroz, Co-President at Stroz Friedberg, an Aon Company.
“The malware spreads from the infected computer by scanning other computers and systems on the network, and over the internet, infecting these connected machines by exploiting the same vulnerability, all without any user action.
“Essentially, it only takes one infected user on a network to put the whole organization at risk.”
Another factor behind WannaCry’s speed and relative success is the intricate and Byzantine nature of modern computer networks.
“One of the challenges of cyber is that it is a very complex environment,” says Jim Trainor, Senior Vice President, Aon Risk Solutions and former Assistant Director of the FBI’s Cyber Division in Washington, DC.
“Bad actors use and exploit infrastructure both in and out of the United States. A lot of groups who conduct such criminal activity don’t reside in the U.S. This makes it increasingly challenging for both government and companies to protect themselves because those attacking them don’t actually reside in the locations in which they operate.”
With cyber risk on the rise, and business interruption a growing concern, what key lessons can organizations learn from the WannaCry incident?