By Jessica Davis
May 17, 2017
The U.S. Department of Homeland Security received notification from fewer than 10 U.S. victims of the WannaCry ransomware campaign that crippled the U.K. National Health Service over the weekend, according to Reuters.
No federal government agencies were affected during the attack, a DHS official told Reuters.
Globally, the WannaCry campaign hit 300,000 victims from more than 150 countries, which disrupted services at hospitals, schools, universities and major businesses. China and Russia were some of the countries hit hardest by the attacks.
[Also: WannaCry highlights worst nightmare in medical device security]
The attacks appear to be slowing down, despite many experts expecting a second wave of attacks this week. Many variants and copycat versions of the virus have appeared on the dark web in response to the successful disruption of Friday’s initial attack.
The WannaCry ransomware strain is thought to be part of April’s massive NSA leak from cybercriminal group Shadow Brokers. On Tuesday, the group threatened another massive data dump for next month that will contain web browser, router and handset exploits, as well as newer exploits of Windows 10 and compromised network data from the nuclear programs of North Korea, Russia, China and Iran.
[Also: How US healthcare spent the weekend protecting against WannaCry]
Three security firms have found connections between WannaCry and malware used by the Lazurus Group, which has ties to North Korea. Google Security researcher Neel Mehta first tweeted the connection between the code of WannaCry and Lazurus’ Contopee backdoor on May 15.
Symantec, Kaspersky Lab and BAE Systems have found similar connections in the code, language use and program type used to write the code. While this in no way confirms the association, it can’t be excluded.
At Mnemonix, we understand your security concerns. We offer managed service plans that automate the update process so you know you are always up-to-date. We know that security is more than just hardware and that is why we provide cyber security training to assist with security at the user level as well. Give us a call at 616-588-7740 to learn more about how we can help you keep your systems up and safe.
May 17, 2017
The U.S. Department of Homeland Security received notification from fewer than 10 U.S. victims of the WannaCry ransomware campaign that crippled the U.K. National Health Service over the weekend, according to Reuters.
No federal government agencies were affected during the attack, a DHS official told Reuters.
Globally, the WannaCry campaign hit 300,000 victims from more than 150 countries, which disrupted services at hospitals, schools, universities and major businesses. China and Russia were some of the countries hit hardest by the attacks.
[Also: WannaCry highlights worst nightmare in medical device security]
The attacks appear to be slowing down, despite many experts expecting a second wave of attacks this week. Many variants and copycat versions of the virus have appeared on the dark web in response to the successful disruption of Friday’s initial attack.
The WannaCry ransomware strain is thought to be part of April’s massive NSA leak from cybercriminal group Shadow Brokers. On Tuesday, the group threatened another massive data dump for next month that will contain web browser, router and handset exploits, as well as newer exploits of Windows 10 and compromised network data from the nuclear programs of North Korea, Russia, China and Iran.
[Also: How US healthcare spent the weekend protecting against WannaCry]
Three security firms have found connections between WannaCry and malware used by the Lazurus Group, which has ties to North Korea. Google Security researcher Neel Mehta first tweeted the connection between the code of WannaCry and Lazurus’ Contopee backdoor on May 15.
Symantec, Kaspersky Lab and BAE Systems have found similar connections in the code, language use and program type used to write the code. While this in no way confirms the association, it can’t be excluded.
At Mnemonix, we understand your security concerns. We offer managed service plans that automate the update process so you know you are always up-to-date. We know that security is more than just hardware and that is why we provide cyber security training to assist with security at the user level as well. Give us a call at 616-588-7740 to learn more about how we can help you keep your systems up and safe.