TMCnet News

WannaCry Ransomware Highlights Need for Resiliency, Advises Cognosec
[May 16, 2017]

WannaCry Ransomware Highlights Need for Resiliency, Advises Cognosec


STOCKHOLM, May 16, 2017 /PRNewswire/ --

Cognosec AB (Nasdaq: COGS), an international leader in IT security, GRC and PCI services, has today announced its take on the recent 'WannaCry' ransomware attacks. The attacks, which spread like wildfire across the globe, encrypted computers running older or unpatched Windows systems and demanded $300 to $600 in Bitcoins.

Some of the code used to programme the worm had previously been utilised for malware distributed by the Lazarus Group - hackers that were also responsible for the 2014 Sony attack which was blamed on North Korea. The Windows vulnerability that had been identified was originally stolen from the NSA by a group of hackers called Shadow Brokers.

The attack uses a vulnerability known as EternalBlue, a weakness in the NetBIOS implementation. Microsoft has issued a patch which can be found here: https://blogs.technet.microsoft.com/msrc/2017/05/12/customer-guidance-for-wannacrypt-attacks/

In Britain, hospitals were locked out of their systems. In Germany, railway displays stopped working. Russia was badly affected and China, a booming marketplace for pirated software, was also badly affected. In Spain



A 20-year-old software engineer found the 'kill switch' for the software over the weekend. However, as the worm mutated, the switch didn't stop its distribution for very long. As businesses opened after the weekend and computers were turned on, the worm began spreading further. So far, more than 230,000 computers in over 150 countries were taken out, and numbers are still rising.

This once again shows us how vulnerable our digital society is. It is another wakening call for enterprises to take security more serious. On the one hand, the vulnerability was known for several months and many failed to adequately assess the risk they were exposed to and failed to secure their systems. On the other hand, many organisations still operate equipment running on outdated unsupported operating systems. While it is understandable that critical infrastructure hardware is difficult and expensive to replace, modern antimalware systems could have stopped the worm from reaching them.


It remains to be seen how long it will take for the affected organisations to return to normal operations. Once again, we will see the importance of resiliency. It is not enough to detect and attempt to contain malware, we also need to focus on restoring our systems as soon as possible once the breach is contained. How well we do this remains to be seen over the next few weeks.

ABOUT COGNOSEC 

Cognosec AB (publ) (Nasdaq: COGS) is engaged in the provision of cyber security solutions and conducts its operations through the Swedish parent company and through subsidiaries in South Africa, UK, Kenya, and the United Arab Emirates. The Group delivers services and technology licences to enhance clients' protection against unwanted intrusion and to prevent various forms of information theft. The parent company is domiciled in Stockholm, Sweden. Cognosec employs 110 people and had revenues of EUR 16.8 million in 2015. Please visit http://www.cognosec.se for more information.

Media contacts:
For Cognosec AB:
Magnus Stuart, IR Officer
T: +46-706-211-350
Email: [email protected]

UK Media:
Matthew Watkins / Astor Sonnen
Finn Partners
[email protected]
+44(0)20-3217-7060


SOURCE Cognosec AB


[ Back To TMCnet.com's Homepage ]