WannaCry: An Example in How Lazy Updating Habits Caused Widespread Chaos
You’ve heard of it. Maybe you were affected by it. The recent cyber pandemic, WannaCry, made masses around the world want to do just that; cry.
The WannaCry ransomware attack managed to infect over 230,000 computers across the world, landing in 150 countries in just four days before security experts managed to slow the stampede. And how was it able to do that?
People didn’t update their computers.
If you are anything like me, the little window pop up telling me there are updates available is one of the most annoying things in the world. Remind me tomorrow, I will click. But I know I won’t update it tomorrow. I’m too busy with my computer at the time, I forget to do it at night before bed, and by the time I get the reminder again, I’m using my computer. It’s a vicious cycle — one that cost hundreds of thousands of people millions of bitcoins.
It would seem that the programmer behind the attack knew that vulnerability. The targets were computers running the Windows operating system. Just two months before the attack, Microsoft issued a security update that would have stopped the virus in its tracks. But many companies clicked to be reminded later and forgot all about it.
Because of this apathy, WannaCry seized millions of files and threatened to delete them unless a ransom of $300 US in bitcoin was paid.
According to Symantec, the countries most affected by the virus were China, Brazil, and the United Kingdom, with the United States, Australia, and India among many of the second hardest hit countries.
Many leading IT experts worked to find solutions. “MalwareTech,” a web security researcher and blogger, discovered a “Kill Switch” that greatly slowed the spread of the virus. Microsoft also released additional patches in the days following the attacks.
While the virus affected most out-of-date Windows computers, those running Windows 7 were among the most affected. Windows XP was also extremely vulnerable since an update patch hasn’t been issued since 2014. However, of the computers affected by the virus, 0.1% are running Windows XP.
Several computer security companies have since released new protection against attacks like WannaCry. Hopefully this experience taught the world to just update their computers.