Tech Translation: What Is WannaCry Ransomware And Why You Should Care | The Odyssey Online
Start writing a post
Lifestyle

Tech Translation: What Is WannaCry Ransomware And Why You Should Care

Learn how this malware augmented with leaked NSA hacking methods caused panic for days.

18
Tech Translation: What Is WannaCry Ransomware And Why You Should Care
Trust Marque

Several times over the past year you may have heard about NSA computer surveillance tools and code being publicly leaked. An anonymous hacker group known as The Shadow Brokers recently took credit and even tried to auction off these tools.

Imagine stealing a few missiles from an army base and putting them up on eBay. This is no less serious.

"This is quite possibly the most damaging thing I've seen in the last several years.
This puts a powerful nation-state-level attack tool in the hands of anyone."

Matthew Hickey, Hacker House

This past weekend, version 2.0 of the WannaCry ransomware utilized the hacking power in those NSA leaks to infect hundreds of thousands of computers around the world. Not just your grandma's computer either. This attack locked computers at factories, hospitals, and institutions for a few days until being heroically crippled thanks to the hard work of one independent security researcher.

So what the hell is going on? What's ransomware and why does it make me WannaCry?

That's our Tech Translation topic, class is in session.


So what happened?

Ransomware is a particularly nasty type of computer malware. Once inside a system, the program takes your data hostage (or at least pretends to) until a ransom payment is made to the attackers, usually via hard-to-trace online currencies like Bitcoin.

The WannaCry authors took this to the extreme by encrypting your data until a payment is made.

PRO TIP: if ransomware happens to you, don't ever pay. What incentive do criminals really have to keep their word and restore your files? Zero.

When used by the good guys, encryption is a standard security practice. It basically scrambles your data into an alien language behind the scenes so anyone without a proper key can't read it. Ransomware will send that key back to its master before deleting itself, leaving you to sit there with your mouth open.

After the initial batch of infections, most likely through spearphishing attacks, WannaCry used the Windows SMB vulnerability information and tools stolen from the NSA to bypass normal security measures and spread automatically to other computers. That's what made this so horrible.

The NSA used these vulnerabilities for years without telling Microsoft. Computers running older versions of Windows like XP, 7, 8 and Server 2003 were at the highest risk. Microsoft actually released a security patch in March this year to address these vulnerabilities when they leaked, even for XP the day after the attack.

The problem is that so many machines around the world had not been updated to that critical security patch and remained vulnerable.

Needless to say, Microsoft is furious with the NSA.

Who done it?

Nobody's really sure right now. We can assume it's the same authors as WannaCry 1.0, which did not utilize the NSA tools and failed to spread effectively.

Russian malware typically tries to avoid infecting fellow citizens, but WannaCry doesn't mind infecting computers set to Cryllic (Eastern Europe / North and Central Asia). Time-stamps in the code suggest maybe Japan, Indonesia, Korea or far East China / Russia.

Other evidence points to a new group of amateur hackers. For instance, hundreds of thousands of victims were hit around the world. Even Trevor Noah had a WannaCry segment on his March 15th evening show. Not so subtle; law enforcement is pissed.

Also, only a $300 ransom? Psh. I would have demanded at least $500. Noobs.

If it's so scary, why aren't we all infected yet?

Like I said, updated computers didn't have much to worry about. Windows 10 has the fixes already. This was more of a problem for larger organizations or lazy people.

Also, one security researcher Marcus Hutchins, known as MalwareTech, found the hidden Achilles Heel.

To analyze and observe malware in action, programs are confined to little digital jail cells known as virtual machines: Windows inside of Windows. They can run but cause no harm. It's standard practice.

Remember Volkswagen's diesel emission scandal? Cars could detect when they were being inspected and started operating differently to pass. Malware can have similar features.

To know if their virus is being inspected, one method is to make it call out to one or more random URLs. When inside a jail cell, the reply would be the same "YES" for all addresses and the virus will basically shut down to avoid study. If not being inspected, those calls should return as "NO" and it would try and spread further.

In this case, when Marcus saw the URL being called he immediately registered it for like $10. This caused every instance of WannaCry around the world to think it was being inspected and stop spreading.

This gave other countries, organizations and security buffs some more time to get a handle on the situation. The authors could have registered it themselves, but didn't. Noobs.

Check out his whole blog write-up here.


Aftermath

The bitcoin addresses given by the thieves are being monitored. Bitcoin might be "anonymous" and decentralized, but transaction information is still publicly recorded. With enough study, patterns and identities could be discerned in time.

The National Health Services (NHS) of England and Scotland were hit hard with up to 70,000 devices including computers, MRI scanners, and blood refrigerators being affected. Some NHS services had to turn away non-critical emergencies and ambulances for a time.

Some factories and companies shut down for a day to stop it from spreading further and perform cleanup. Bloomberg has an article detailing more about affected entities.

Microsoft denounced the NSA for hoarding information like that. Ultimately it causes more harm than good when things reach the wrong hands. They want the world to see this as a warning. If a few amateurs can accomplish this, imagine what a team of veteran hackers could accomplish.


That's all folks. Hopefully, you learned to keep your machines updated.

Drop a comment or reach out on social media to discuss with me.

@pjmulroe #MakeSecurityGreatAgain #WannaCry

https://www.troyhunt.com/everything-you-need-to-kn...

http://www.bbc.com/news/technology-39924318

https://en.wikipedia.org/wiki/WannaCry_ransomware_...

Report this Content
This article has not been reviewed by Odyssey HQ and solely reflects the ideas and opinions of the creator.
10 things that happen the second Thanksgiving is over
reference.com

To those who celebrate, you just spent an entire day cooking an elaborate meal with all of your favorite foods. You probably ate your body weight in pumpkin pie and mashed potatoes. What happens now? Oh yea, Christmas. It’s time to take out all of the decorations and Christmas themed things that have been sitting in the attic since last year; it’s time to make a reappearance. So, here are 10 things that happen the second Thanksgiving is over.

Keep Reading...Show less
Adulting

18 Things I Want To Do Now That I'm 18

I'm technically an adult, so I'm legally required to live a little, right?

3394
Happy Birthday Cake

For the entirety of my high school career, I was always seen as the goody-two-shoes. I never got in trouble with a teacher, I kept stellar grades, and when I wasn't doing extracurricular activities, I was at home studying. Even when I did go out, it was usually with a bunch of fellow band geeks. The night would end before 11:00 PM and the only controversial activity would be a fight based on who unfairly won a round of Apples-to-Apples when someone else clearly had a better card (I promise I'm not still holding a grudge).

Now that I'm officially an adult, I want to pursue some new things. I want to experience life in a way that I never allowed myself to do prior to entering college. These are the years that I'm supposed to embark on a journey of self-discovery, so what better way to do that than to create a bucket list?

Keep Reading...Show less
Featured

10 Life Lessons from Christmas Classics

The holiday classics that shaped my life

2057
10 Life Lessons from Christmas Classics
Flickr

The holiday season is full of stress, debt, and forced conversation. While we rush through the month of December, it's important to take a step back and enjoy the moments before they're gone. Most families love to watch Christmas movies, but these beloved films provide more than entertainment. Here are 10 life lessons that I've learned from the holiday classics we watch every year.

Keep Reading...Show less
Featured

15 Mind-Bending Riddles

Hopefully they will make you laugh.

201373
 Ilistrated image of the planet and images of questions
StableDiffusion

I've been super busy lately with school work, studying, etc. Besides the fact that I do nothing but AP chemistry and AP economics, I constantly think of stupid questions that are almost impossible to answer. So, maybe you could answer them for me, and if not then we can both wonder what the answers to these 15 questions could be.

Keep Reading...Show less
Entertainment

Most Epic Aurora Borealis Photos: October 2024

As if May wasn't enough, a truly spectacular Northern Lights show lit up the sky on Oct. 10, 2024

21666
stunning aurora borealis display over a forest of trees and lake
StableDiffusion

From sea to shining sea, the United States was uniquely positioned for an incredible Aurora Borealis display on Thursday, Oct. 10, 2024, going into Friday, Oct. 11.

It was the second time this year after an historic geomagnetic storm in May 2024. Those Northern Lights were visible in Europe and North America, just like this latest rendition.

Keep Reading...Show less

Subscribe to Our Newsletter

Facebook Comments