Do you WannaCry?
-
Created: Saturday, 10 June 2017 23:26
Image Credit: geralt
pixelbay.com
I am sure by now you have heard about the WannaCry ransomeware attack that impacted millions of people. In a previous post, it was mentioned that one of the best ways to avoid falling victom to these types of attacks is by keeping your system up-to-date with the latest patches. We also covered other reasons to keep servers updated with the latest versions applications. These reasons also apply to your PC.
Yet, there are valid reason as to why a system can not be upgraded to the latest versions of its operating system or applications. Some organizations run legacy systems, because there is no upgrade support available. Either that application went end of life, or the company is no longer in business. Many of these legacy systems are used in critical capacities, preventing them from simply being shutdown to start new. Starting new could mean millions of dollars in R&D, testing, and time. These costs could destroy the budgets of some organizations, and so they implement more cost effective measures to keep their systems going.
Once an application goes end-of-life, companies stop supporting it. Support for legacy applications can be very expensive, especially when companies like Microsoft continue to come out with new releases. They would much rather spend their time and resources on the future, instead of the past. Interestingly, Microsoft released a series of patches to address the WannaCry attack for many of their popular legacy operating systems. This attack targeted Microsoft's Server Message Block (SMB) Protocol. More information can this can be found on Microsoft's Security Bulletin MS17-010.
Once infected with WannaCry, victims were told they would have to pay $300 in Bitcoins to regain control of their systems. Like most attacks, these things spread because of social engineering and phishing attempts, all tricking users to download malicious attachments. Be careful what you click on, and the information you give to others.
