Thirtyseven4 Antivirus | AntiMalware | AntiRootkit | AntiSpyware
Thirtyseven4 Antivirus | AntiMalware | AntiRootkit | AntiSpyware
Thirtyseven4 Antivirus | AntiMalware | AntiRootkit | AntiSpyware

June 12, 2017

Protected with Purpose:  The Real Problem Behind WannaCry
(The Ransomware Attack Was Avoidable.)

Article by: Steven Sundermeier

Thirtyseven4 Offers Proactive Protection Against WannaCry

Potholes can be dangerous. They’re also a big-league annoyance. And alas, potholes are everywhere.

They’re caused by the expansion and contraction of ground water after it has entered into the ground under the pavement. The city of Cleveland (my home town) uses approximately 3000 tons of material every year to fill potholes. The city also allocates 10 – 12 crews per day to repair potholes. These depressions in our road surfaces can cause many problems, and just like their varying shape and sizes, the issues they cause also vary greatly. A minor pothole issue may result in a $100 setback for re-alignment or a cracked rim. Potholes can also result in a $2,000 (major!) re-alignment or even a traffic accident.

As I drove into work one morning recently, I was forced to veer sharply to the side of the road to avoid a massive pothole, frustration washed over me because this pothole hazard in the road was not fixed. The funny thing is, I have likely driven by this pothole over a hundred times previously without concern or irritation.
 
Connecting potholes to technology may not seem logical to you, but as a cyber security expert all things relate to technology for me. Previous to the pothole swerve, earlier that same morning news broke of the WannaCry ransomware. WannaCry is a form of ransomware that spreads rapidly using the Microsoft Windows “Eternal Blue” exploit. Like most forms of ransomware, business networks and regular home users alike impacted by WannaCry found their files encrypted with a $300 ransom note.
 
While WannaCry was not overly complicated or sophisticated what made it stand out was its worm-like behavior (the ability to propagate to other at-risk systems on the network) not previously seen in ransomware and its association with the Microsoft Windows “Eternal Blue” exploit leaked from the U.S. National Security Agency (NSA). A patch for the Eternal Blue exploit was released by Microsoft back in March 2017, meaning that at the time of the outbreak corporations, hospitals and users affected by WannaCry had to be 2 months behind in their Windows Updates patches. Any system that contained the patch was not affected. (When was the last time you updated your machines/devices with the latest patches available?)

According to reports at the time of this writing, WannaCry may have impacted over 300,000 organizations (including hospitals, utility providers, and home users) in over 150 countries. In fact Microsoft, which discontinued support (patches, etc.) a long time ago for its 16 year-old Operating System Windows XP, was forced to issue a patch for it. There was also so much initial concern out of the White House that President Trump ordered two emergency meetings regarding the global ransomware attack.

The bigger discussion should surround NSA’s (or any intelligence agency) decision to hoard security vulnerabilities for surveillance purposes, gathering intelligence on targets. Should the intelligence community immediately make these exploits known to software companies like Microsoft? However before we can dive deeper into the bigger political picture we need to really discuss the elephant in the room: how this incredible WannaCry massive cyber attack was easily avoidable by simply maintaining regular software updates.
 
We need to do some soul searching. So: raise your hand (yes, I really want you to raise your hand!) if when an installed application on your system asks you to ‘Update Now’ or ‘Remind Me Later’ your tendency is to click Remind Me Later. Don’t feel bad, I’m a security expert and I can be guilty of the same thing. We live incredibly busy lives, and the last thing many us want is to sit still and let a program update for 2 minutes. Am I right? Our laziness, or our perceived contentment (“everything is working fine”) can be summarized in one word: WannaCry.
Another image of how to combat exploits like WannaCry is to think of the immediacy of stopping a water leak in your home. In February, my wife went downstairs to our basement and noticed water flowing from under the utility closet door. When she opened the door, she immediately knew we had a major problem on our hands regarding our water heater. Thanks to excellent area plumbing companies, within an hour, we had a professional onsite fixing a damaged hole in one of the pipes. Translation-when something needs fixing, DO IT!

The real problem is that we treat patching and updating our machines and devices, even for very critical vulnerabilities and exploits like “External Blue” like potholes. We are aware they’re a security hazard but we often swerve around them; we don’t take action until it’s too late.

We need to treat patching more like a flooding water heater and with the same level of urgency! We need to stop clicking “Remind Me Later’ or ‘No Thanks’, and take immediate action. If we do so, we greatly minimize the risk and exposure to cyber attacks. Cybercriminals will continue to get increasingly sophisticated and our first layer of defense is patching our systems. The WannaCry outbreak was avoidable.
 
When we click “remind me later” we are (in a sense) swerving around a possible vulnerability. But the risk remains: the pothole is still there. I encourage you to take the time and keep your programs and applications current: a 2-minute update could save you the time and frustration of a ransomware infection. In effect, this “fills in your pothole”, and you can move forward smoothly and without risk in that area.

City streets and your devices may not have much in common, but preventative maintenance and cautious care can make a difference in the longevity and safety of your travels, whether on the road or on the Information Superhighway. Make the effort to stay current in your updates and patches, because out-of-date programs may make you WannaCry.

 

Thirtyseven4 - Industry Leading Endpoint Security Solution

“Delight yourself in the Lord and he will give you the desires of your heart.” Psalm 37:4