The CISO Den

The CISO Den is about how to deliver the best cybersecurity for organizations, no matter the size, budget, industry or country


Blast from the Past: Trust in Data Attacked


The WannaCry attack was not the largest infection in history. Conficker, Slammer, ILoveYou and NotPetya, among others, infected more computers and perhaps created more damage. Why did WannaCry have to happen? Because it could.

For the last few years we have seen ransomware distributed using phishing and drive-by downloads. It was just a question of time before someone connected the dots and thought of creating a ransomware worm.

Many have now learnt something that had been forgotten: vulnerabilities need to be patched. As the consequences of not patching are not immediately apparent, and the consequences of not testing the restore of backed-up data are not immediately apparent either, for many IT teams it became acceptable not to patch and not to test. For the next few months, this will no longer be the case. After that, managers will have new worries or will follow new fads, IT personnel will move on to new jobs, and in two or three years a new worm will shake the world.

Just as IT learns how to prevent worm attacks, attackers will learn from their mistakes. The WannaCry writers made several mistakes:

  1. The infection spread to companies that were not the original target.
  2. The infection spread too fast: This attracted attention and the response was relatively fast and effective.


Published in The CISO Den



Written by Vicente Aceituno Canal

Evidence-based cybersecurity management leader
