On Friday, the NHS became the victim of a huge cyber attack from hackers threatening to delete all data unless they pay $300 (£233) per machine to a Bitcoin wallet address.
In addition, telecommunication and utility companies around the world were also hit, with the full long term effects still to be fully realised.
The large scale attack was from the new family of ransomware called WannaCryptor.
Cyber security solutions provider Bitdefender, has been analysing WannaCryptor and sagest that it is one of the biggest threats that both end users and companies have had to face recently.
Because the list of vulnerable Windows PCs can be found through a simple internet scan and the code can be executed remotely, no interaction from the user is needed. Once the PC is infected, it acts like a worm, it replicates itself in order to spread to other computers.
Bitdefender's analysis reveals that the wormable component is based on the EternalBlue exploit that had been leaked out in a data dump allegedly coming from the NSA. This strain of malware is one of the few that combine the aggressive spreading mechanism of a cyber-weapon, with the irreversible destructive potential of ransomware. Up until now, more than 120,000 computers worldwide have been infected.
The CVE07-010 vulnerability affects almost all versions of the Windows operating system, including those who are not actively supported anymore, such as Windows XP, Windows Vista and Windows Server 2003. Because of the extremely high impact, Microsoft has decided to issue patches for ALL operating systems, including the unsupported ones. If your operating system does not have the specific hotfix installed, then you are vulnerable and need to update immediately.
What you can do to stay protected?
Originally published on Defence.Digital.