Why WannaCry ransomware took down so many businesses

It was widely speculated that ATM machines running on legacy operating systems would be the next target. A vast proportion of the affected computers in the WannaCry attack were running an unsupported operating system, Windows XP.

He said that private sector companies in the city were regularly hit by ransomware virus attacks in the last five years and that around 70 percent of them were infected.

Liran Eshel, chief executive of cloud storage provider CTERA Networks, said: "The attack shows how sophisticated ransomware has become, forcing even unaffected organizations to rethink strategies".

Michael V. Hayden, the director of the NSA from 1999 to 2005, said he had defended it for years in debates over civil liberties.

Then there's the US government, whose Windows hacking tools were leaked to the internet and got into the hands of cybercriminals.

Since increasing numbers of systems running older versions of Windows were affected, Microsoft had made a decision to push an emergency patch for Windows XP and Windows Server 2003, urging users to deploy the patch as soon as possible to limit the impact of WannaCry.

Any organization which heeded strongly worded warnings from Microsoft to urgently install a security patch it labeled "critical" when it was released on March 14 on all computers on their networks are immune, experts agree. As is standard, this did not include the legacy Windows XP software in use across the NHS.

WannaCry has largely been mitigated, but there are still hackers using the same exploit to infect computers - showing not everyone is able to fix their systems quickly. Microsoft officially stopped providing security support for XP in 2014 but issued an emergency patch in response to the latest attacks. For example, in India, most of the systems are not safe from future attacks.

"The size of the outbreak is indicative of the number of machines out there which have not been patched with security updates".

That's what led to such strong warnings being issued by security experts: Chris Camacho of New York's Flashpoint said, "When people ask what keeps you up at night, it's this"; Rohy Belani of email security company PhishMe said, "This is nearly like the atom bomb of ransomware".

Microsoft's top lawyer has blamed the government's stockpiling of hacking tools as part of the reason for the WannaCry attack, the worldwide ransomware that has hit hundreds of thousands of systems in recent days.

Lastly there are, of course, the attackers, who kidnapped precious data and demanded ransom be paid. According to Malwarebytes, 'Nearly 80% of organizations have been the victim of a cyber-attack during the past 12 months and almost 50 percent have been the victim of a ransomware attack'.

Make sure software patches are routinely applied. Perhaps, an indication that the technology industry is now willing to take government-embarrassing methods to resist the surveillance agencies' desire to exploit or insert vulnerabilities in industry products.

In April, when the Shadow Brokers dumped dozens of the agency's software exploits on the web, free to criminals and foreign spies alike, the clock began ticking towards inevitable calamity.

In his blog post, Microsoft's Smith says that "the governments of the world should treat this attack as a wake-up call". "An equivalent scenario with conventional weapons would be the USA military having some of its Tomahawk missiles stolen".

Microsoft could have slowed the devastating spread of ransomware WannaCry to businesses, reports the Financial Times.

Moreover, the malware code used in the attack has its origins in a cyberweapon that was stolen last summer from the National Security Agency by a mysterious group calling itself the "Shadow Brokers".

Latest News