Wanna Cry ransomware attack first surfaced in May 2017, it was a worldwide cyberattack by the WannaCry ransomware crypto worm, which targeted Microsoft Windows computer as they encrypted data and demanded ransom payments in the Bitcoin cryptocurrency.
Image Source: checkmarx.com
It has not stopped since many big organizations have fallen prey. The latest victim of this ransomware attack is electronics manufacturer LG. The company confirmed that it had to turn off some parts of the network after they were victimized by WannaCry ransomware.
Must Read: Locky Ransomware ‘Back from the Dead’
A ransomware was found in a self-service kiosk in South Korea when the code was analyzed, it was identified as WannaCry, a malware that encrypts the file. It has not been more than a couple of months when the malware has infected over 230,000 computer in 150 countries. The impact of the attack was so powerful, some of the big organizations including United Kingdom’s National Health Service had to take their systems offline.
Image Source: mobilescout.com
Soon, security researcher Marcus Hutchins discovered a kill switch to prevent further spread of the infection, and Microsoft released a patch for current and older Windows versions against WannaCry, However, ransomware continued to infect unpatched systems.
WannaCry has come into effect once again and the target infected was self-service kiosk systems at LG Electronics in South Korea.
Image Source: mobilescout.com
An LG spokesperson told ZDNet, “We analyzed the malicious code that caused delays at some service centers on Aug 14th with the help of KISA [Korea Internet & Security Agency] and confirmed that it was indeed ransomware. According to KISA, yes it was the ransomware known as WannaCry”.
When ransomware was spotted on the network, LG blocked the access to the service center to prevent the malware from spreading to other parts of the organization. Therefore, no data was lost and no ransom was paid.
According to LG, after two days of the attack, all unmanned reception terminals infected were functioning normally and the security updates were rolled for the unmanned reception terminals that had been infected with malicious code.
This update confirmed that the patches were not applied to the network before the attack, that’s why LG was vulnerable to WannaCry and other malware.
Though the attack was blocked and security updates were applied, LG and KISA are still trying to figure out how WannaCry came to infect the network at the self-service center in the first place.
So far, the culprit of WannaCry mayhem has not been in limelight yet but both private cyber security firms and investigating government agencies have indicated that North Korea might have the involvement in the fiasco.
In the beginning of August, the ransom payments made for WannaCry had been cashed out. Despite the attack being high profile, the codes behind Wannacry were said to be of low quality and users were able to regain access to the files even after being encrypted.
WannaCry, despite being a low-quality code malware spread like a wildfire. This incident should definitely be treated as an eye opener as it might have inspired other malware developers to attempt and create a bigger fiasco. It’s high time to take security seriously, whether it is a multinational company or a normal user, nobody is safe from the venomous clutches of cyber criminals.