The massive WannaCry cyber-attack is the worst Ransomware outbreak in history

Posted by

Global technology security company, Avast, has said the WannaCry Cyber-attack is the worst outbreak of its kind in the history.

In a blog post detailing how the attack started and spread, Avast explains that the ransomware spread by replicating itself rapidly from one computer to the next on a network, especially in organisations. Malicious software that spreads this way is called a “worm”.

The WannaCry cyber attack, Avast said, started Friday 12 May, infecting about 10,000 computers an hour:

advertisement

We observed 10,000 detections per hour, shortly after the outbreak, which is a really high number for a single malware strain.

After a malware researcher pressed the kill switch, which we will describe later in this post, the number of detections significantly decreased to approximately 2,000 per hour, late Friday afternoon. The ratio has been decreasing since then and we hope that this trend will continue.

…it’s hard to describe the buzz that appeared [on Friday when the cyber attack started] as all of us started doing our best to deal with the outbreak. At the end of the day it was already obvious that we had just encountered the worst ransomware outbreak in history.

Avast however said that the WannaCry ransomware did not target anyone organisation in particular.

The Kill Switch mentioned is a domain name which WannaCry would check for existence to decide if to keep spreading. The people behind the attack (speculated to be North Korean hackers) built into WannaCry, this ability for it to stop spreading once the domain was live.

A technology researcher on the Twitter handle MalwareTech, discovered the kill switch, ensuring that that the spread stopped. It is important to not however that only that particular strain was stopped. It is possible that other strains of the virus are still active.

For information on how to protect your organisation, please read:

Previous

How to WhatsApp Video #1: Posting pictures on the status

Next

MTN fined $8.5 million in Rwanda

2 Comments

  1. Muchie says:

    Techzim. You should do an indepth cover on these hacks. See, the North Korea speculation which has been put forward could be a false flag. If you’ve been following Wikileaks Vaults, you’d know that NSA and CIA have hacking tools manipulated with signatures of foreign state agencies. Simply put, USA could easily hack one country and put the “coding” footprints of another country. It’s difficult to pinpoint the true source of such attacks and regurgitating what’s put across by MSM won’t do us any good. For a start, look at the most affected Wannacry country, that alone should raise eyebrows.

  2. Charles Muzonzini says:

    The whole north korea thing is nonsense.

Comments are closed.