Page 22 - ARUBA TODAY
P. 22

A23
                                                                                           TECHNOLOGY Monday 15 May 2017


















                 Experts: Conditions behind cyberattack may be hard to mimic



            ANICK JESDANUN
            AP Technology Writer                                                                                                in  2008  and  can  disable
            NEW YORK (AP) — The cy-                                                                                             system  security  features,
            berextortion  attack  hitting                                                                                       also  spreads  through  vul-
            dozens of countries spread                                                                                          nerabilities  in  internal  file
            quickly  and  widely  thanks                                                                                        sharing.
            to  an  unusual  confluence                                                                                         As makers of anti-virus soft-
            of  factors:  a  known  and                                                                                         ware  release  updates  to
            highly  dangerous  security                                                                                         block  it,  hackers  deploy
            hole in Microsoft Windows,                                                                                          new variants to evade de-
            tardy users who didn’t ap-                                                                                          tection.
            ply Microsoft’s March soft-                                                                                         Conficker  was  more  of  a
            ware  fix,  and  a  software                                                                                        pest  and  didn’t  do  major
            design  that  allowed  the                                                                                          damage.  WannaCry,  on
            malware to spread quickly                                                                                           the  other  hand,  threat-
            once inside university, busi-                                                                                       ens  to  permanently  lock
            ness and government net-                                                                                            away user files if the com-
            works.                                                                                                              puter  owner  doesn’t  pay
            Not  to  mention  the  fact                                                                                         a  ransom,  which  starts  at
            that those responsible were                                                                                         $300 but goes up after two
            able  to  borrow  weapon-                                                                                           hours.
            ized software code appar-                                                                                           The  damage  might  have
            ently  created  by  the  U.S.                                                                                       been    temporarily   con-
            National  Security  Agency                                                                                          tained.
            to launch the attack in the    This April 12, 2016 file photo shows the Microsoft logo in Issy-les-Moulineaux, outside Paris, France.   An   unidentified   young
            first place.                                                                                       Associated Press  cybersecurity   researcher
            Other  criminals  may  be                                                                                           claimed to help halt Wann-
            tempted to mimic the suc-    soon choking and crashing  thousands of organizations.    “When  any  technique  is    aCry’s  spread  by  activat-
            cess  of  Friday’s  “ransom-  machines  across  the  inter-  THE PERFECT STORM         shown  to  be  effective,    ing a so-called “kill switch.”
            ware “ attack, which locks   net.                         Once  inside  an  organiza-  there  are  almost  always   Other  experts  found  his
            up  computers  and  hold     The  Morris  worm  wasn’t  tion, WannaCry uses a Win-     copycats,”    said   Steve   claim credible. But attack-
            people’s  files  for  ransom.   malicious,  but  other  nas-  dows  vulnerability  purport-  Grobman,  chief  technol-  ers can, and probably will,
            Experts say it will be difficult   tier  variants  followed  —  at  edly  identified  by  the  NSA  ogy  officer  of  McAfee,  a   simply develop a variant to
            for  them  to  replicate  the   first  for  annoyance,  later  and later leaked to the in-  security company in Santa   bypass  this  countermea-
            conditions  that  allowed    for criminal purposes, such  ternet.  Although  Microsoft  Clara, California.          sure.
            the  so-called  WannaCry     as  stealing  passwords.  But  released  fixes  in  March,  But  that’s  complicated,   FIGHTING BACK
            ransomware  to  proliferate   these  worm  attacks  be-   the  attackers  counted  on  because  hackers  need  to   The  attack  is  likely  to
            across the globe.            came  harder  to  pull  off  many  organizations  not  find security flaws that are    prompt more organizations
            But  we’re  still  likely  to  be   as  computer  owners  and  getting around to applying  unknown, widespread and   to  apply  the  security  fixes
            living with less virulent vari-  software makers shored up  those  fixes.  Sure  enough,  relatively easy to exploit.  that  would  prevent  the
            ants of WannaCry for some    their defenses.              WannaCry found plenty of  In  this  case,  he  said,  the   malware  from  spreading
            time. And that’s for a sim-  So  criminals  turned  to  tar-  targets.                 NSA  apparently  handed      automatically. “Talk about
            ple reason: Individuals and   geted  attacks  instead  to  Since  security  profession-  the  WannaCry  makers  a   a  wake-up  call,”  Hyppo-
            organizations alike are fun-  stay below the radar.       als typically focus on build-  blueprint   —   pre-written   nen said.
            damentally  terrible  about   With  ransomware,  crimi-   ing  walls  to  block  hack-  code  for  exploiting  the   Companies are often slow
            keeping  their  computers    nals typically trick individu-  ers  from  entering,  security  flaw,  allowing  the  attack-  to apply these fixes, called
            up-to-date  with  security   als  into  opening  an  email  tends  to  be  less  rigorous  ers  to  essentially  cut  and   patches,  because  of  wor-
            fixes.                       attachment      containing  inside  the  network.  Wann-  paste  that  code  into  their   ries  that  any  software
            THE  WORM  TURNS  ...  AND   malicious  software.  Once  aCry  exploited  common  own malware.                      change could break some
            TURNS                        installed,  the  malware  just  techniques employees use  Mikko  Hypponen,  chief  re-  other  program,  possibly
            One  of  the  first  “attacks”   locks  up  that  computer  to  share  files  via  a  central  search  officer  at  the  Hel-  shutting  down  critical  op-
            on  the  internet  came  in   without spreading to other  server.                      sinki-based   cybersecurity   erations.
            1988,  when  a  graduate     machines.                    “Malware  that  penetrates  company  F-Secure,  said      “Whenever there is a new
            student   named     Robert   The hackers behind Wann-     the  perimeter  and  then  ransomware  attacks  like      patch, there is a risk in ap-
            Morris  Jr.  released  a  self-  aCry  took  things  a  step  spreads inside the network  WannaCry  are  “not  going   plying the patch and a risk
            replicating and self-propa-  further  by  creating  a  ran-  tends to be quite success-  to be the norm.”           in not applying the patch,”
            gating  program  known  as   somware  worm,  allowing  ful,”  said  Johannes  Ullrich,   But they could still linger as   Grobman  said.  “Part  of
            a  “worm”  onto  the  then-  them  to  demand  ransom  director  of  the  Internet  low-grade  infections  that     what    an    organization
            nascent internet. That pro-  payments  not  just  from  in-  Storm  Center  at  the  SANS  flare up from time to time.  needs  to  understand  and
            gram  spread  much  more     dividual but from entire or-  Institute.                  For instance, the Conficker   assess  is  what  those  two
            quickly  than  expected,     ganizations — maybe even  PERSISTENT INFECTIONS           virus,  which  first  appeared   risks are.”q
   17   18   19   20   21   22   23   24   25   26   27