âThis historic attack was one of the biggest of all time and destroyed hundreds of thousands of computers, almost exclusively targeting large corporations. Companies all over the world were infected: hospitals, car factories, power plants, train companiesâthe list goes on,â wrote Mikko Hyppönen, a highly-respected security veteran and currently Chief Research Officer at WithSecure.
The attack was eventually attributed to North Koreaâs Lazarus Group. But what is perhaps most notable about WannaCry is that it opened eyes to the coming plague that is ransomware today. While not new, it got people talking about this kind of malware, which until that point was not nearly as well-known. On Twitter, infosec influencers traded a few stories from the day and reflected on lessons learned.
âToday is the 5th anniversary of the Wannacry ransomware incident, which began as a spillover from a North Korean cyberattack. The spillover eventually brought the NHS to its knees until a lucky Brit bought a kill switch domain, halting it in its tracks,â tweeted Gareth Corfield (@GaztheJourno), a writer covering technology and security for the Telegraphâs business section.
That Brit mentioned by Corfield was then-22-year-old Marcus Hutchins (@MalwareTechBlog), a hugely popular influencer in the security space on Twitter who did a lot of his own reminiscing on the anniversary date. Hailed as a hero to this day for his discovery of the kill switch that stopped the continued spread of the ransomware, he said press inquiries were pouring in.
âI keep getting interview requests like "it's the 5 year anniversary of WannaCryâwhere are you now and how did the publicity advance your career?" then I have to explain I still work in the same position at the same company as I did before all that,â he tweeted.
Still lurking, ready to wreak havoc Like Hutchinsâ career moves, little has changed since that day in 2017 when WannaCry first hit, security experts say.
â5 yrs on from WannaCry. Lots has changed and lots hasnât,â tweeted Lisa Forte (@LisaForteUK), a partner with security firm Red Goat Cyber Security. âWas it the cataclysmic change in security perception and cyber risk we hoped? Did TAs learn more than we did? Have Govs taken action to better secure zero days / offensive sec tools they develop? What are your thoughts?â
Most who weighed in felt that, no, despite its high profile, WannaCry made little long-lasting impact.
âWas it the cataclysmic change in security perception and cyber risk we hoped? No. Did TAs learn more than we did? Probably. Have Govs taken action to better secure zero days / offensive sec tools they develop? I think there has been policy changes... reality changes... who knows?â tweeted researcher and ethical hacker Daniel Card (@UK_Daniel_Card).
âI think you are entirely right. Sadly governmental processes seem to process on a decade scale while technology related issued [sic] progress on an monthly or even daily basis,â added TrustedSec founder Dave Kennedy (@geordiemuppet).
Clearly this is reflected in WannaCryâs current status as a top threat, still out there and waiting for the right opportunity with vulnerable businesses. Reporter Connor Jones of ITProUK points out in a recent article that many fail to realize that WannaCry still actively lurks on the ransomware landscape.
âWhatâs more, cyber criminals still using WannaCry have learned from its failures and have come back with reworked, retooled versions that eliminate the âlow hanging fruitâ kill switch that ultimately proved its downfall five years ago,â he writes.
So, happy 5th anniversary to you, WannaCry! You donât look a day over four. And if the status of many networks is any indication, you are as fresh as the day you were born. But not everyone thinks youâre worth celebrating.
âIâm celebrating an alternate holiday today,â tweeted Tarah M. Wheeler (@tarah), founder of security firm Red Queen Technologies. âInstead of wishing people Happy WannaCry Day, Iâm offering a heartfelt Merry Patch Your S*** Eve to those who celebrate.â |