Kevin MageeAre we about to witness the world’s first ransomware global pandemic? Perhaps.
Computers in thousands of locations and in nearly 100 countries across the world, including the UK, US, China, Russia, Spain, Italy and Taiwan, have reported incidents of a ransomware infection called WannaCry. The alleged demands? Infected users are to pay $300 USD in Bitcoin within six hours or the ransom amount increases.
While $300 USD mightn’t seem much, it’s a rather insidious amount. Sure, for a single user, it’s not necessarily a significant loss, but for organizations with thousands of PCs rapidly being infected, the total extortion bill could quickly add up to tens or even hundreds of thousands of dollars. And already, Bitcoin wallets suspected to be associated with WannaCry are starting to fill up with cash.
The UK National Health Service (NHS) was one of the first to report an outbreak that has resulted in significant disruption of operations at 16 UK hospitals. In some cases, staff have been sent home, ambulances are being diverted to neighboring hospitals, and critical medical systems are now being proactively shut down as a precaution and to contain the spread.
Even though Microsoft released a patch for the vulnerability in March, it’s clear that thousands of Windows systems have not been updated and remain exposed.
What makes this outbreak so different? Well, for starters, unlike most ransomware variants that rely on tricking a user to click on a link or file in a phishing email, it appears that WannaCry is being spread by means of a worm that can autonomously scan for and infect other vulnerable machines on the network once an organization has been compromised.
If these reports are true, things are going to get a lot worse, and fast. Stay tuned and we’ll keep you posted as this story develops. And if you haven’t kept up on your Windows patch updates, now would be a good time to do so
