Page 22 - ARUBA TODAY
P. 22
A23
TECHNOLOGY Monday 15 May 2017
Experts: Conditions behind cyberattack may be hard to mimic
ANICK JESDANUN
AP Technology Writer in 2008 and can disable
NEW YORK (AP) — The cy- system security features,
berextortion attack hitting also spreads through vul-
dozens of countries spread nerabilities in internal file
quickly and widely thanks sharing.
to an unusual confluence As makers of anti-virus soft-
of factors: a known and ware release updates to
highly dangerous security block it, hackers deploy
hole in Microsoft Windows, new variants to evade de-
tardy users who didn’t ap- tection.
ply Microsoft’s March soft- Conficker was more of a
ware fix, and a software pest and didn’t do major
design that allowed the damage. WannaCry, on
malware to spread quickly the other hand, threat-
once inside university, busi- ens to permanently lock
ness and government net- away user files if the com-
works. puter owner doesn’t pay
Not to mention the fact a ransom, which starts at
that those responsible were $300 but goes up after two
able to borrow weapon- hours.
ized software code appar- The damage might have
ently created by the U.S. been temporarily con-
National Security Agency tained.
to launch the attack in the This April 12, 2016 file photo shows the Microsoft logo in Issy-les-Moulineaux, outside Paris, France. An unidentified young
first place. Associated Press cybersecurity researcher
Other criminals may be claimed to help halt Wann-
tempted to mimic the suc- soon choking and crashing thousands of organizations. “When any technique is aCry’s spread by activat-
cess of Friday’s “ransom- machines across the inter- THE PERFECT STORM shown to be effective, ing a so-called “kill switch.”
ware “ attack, which locks net. Once inside an organiza- there are almost always Other experts found his
up computers and hold The Morris worm wasn’t tion, WannaCry uses a Win- copycats,” said Steve claim credible. But attack-
people’s files for ransom. malicious, but other nas- dows vulnerability purport- Grobman, chief technol- ers can, and probably will,
Experts say it will be difficult tier variants followed — at edly identified by the NSA ogy officer of McAfee, a simply develop a variant to
for them to replicate the first for annoyance, later and later leaked to the in- security company in Santa bypass this countermea-
conditions that allowed for criminal purposes, such ternet. Although Microsoft Clara, California. sure.
the so-called WannaCry as stealing passwords. But released fixes in March, But that’s complicated, FIGHTING BACK
ransomware to proliferate these worm attacks be- the attackers counted on because hackers need to The attack is likely to
across the globe. came harder to pull off many organizations not find security flaws that are prompt more organizations
But we’re still likely to be as computer owners and getting around to applying unknown, widespread and to apply the security fixes
living with less virulent vari- software makers shored up those fixes. Sure enough, relatively easy to exploit. that would prevent the
ants of WannaCry for some their defenses. WannaCry found plenty of In this case, he said, the malware from spreading
time. And that’s for a sim- So criminals turned to tar- targets. NSA apparently handed automatically. “Talk about
ple reason: Individuals and geted attacks instead to Since security profession- the WannaCry makers a a wake-up call,” Hyppo-
organizations alike are fun- stay below the radar. als typically focus on build- blueprint — pre-written nen said.
damentally terrible about With ransomware, crimi- ing walls to block hack- code for exploiting the Companies are often slow
keeping their computers nals typically trick individu- ers from entering, security flaw, allowing the attack- to apply these fixes, called
up-to-date with security als into opening an email tends to be less rigorous ers to essentially cut and patches, because of wor-
fixes. attachment containing inside the network. Wann- paste that code into their ries that any software
THE WORM TURNS ... AND malicious software. Once aCry exploited common own malware. change could break some
TURNS installed, the malware just techniques employees use Mikko Hypponen, chief re- other program, possibly
One of the first “attacks” locks up that computer to share files via a central search officer at the Hel- shutting down critical op-
on the internet came in without spreading to other server. sinki-based cybersecurity erations.
1988, when a graduate machines. “Malware that penetrates company F-Secure, said “Whenever there is a new
student named Robert The hackers behind Wann- the perimeter and then ransomware attacks like patch, there is a risk in ap-
Morris Jr. released a self- aCry took things a step spreads inside the network WannaCry are “not going plying the patch and a risk
replicating and self-propa- further by creating a ran- tends to be quite success- to be the norm.” in not applying the patch,”
gating program known as somware worm, allowing ful,” said Johannes Ullrich, But they could still linger as Grobman said. “Part of
a “worm” onto the then- them to demand ransom director of the Internet low-grade infections that what an organization
nascent internet. That pro- payments not just from in- Storm Center at the SANS flare up from time to time. needs to understand and
gram spread much more dividual but from entire or- Institute. For instance, the Conficker assess is what those two
quickly than expected, ganizations — maybe even PERSISTENT INFECTIONS virus, which first appeared risks are.”q