Analysis of Wannacry Data Breach

First, a data breach or a breach of data security is an incident in which sensitive, proprietary or confidential information is viewed, stolen or used by unauthorized third parties. This form of crime can both cause damage of property, for example, sabotaging computer systems. It can also lead to a violation of property rights, such as theft of source codes, customer data or other information. In addition, it could affect whole business systems of an enterprise level company. The most common scenario for a data theft is a hacker attack that penetrates into a company's network. According to Antonucci (2017) data breaches happen on a daily basis in most places; the cyber-attacks have highlighted the increasing vulnerabilities of personal information. Notably, extra tools use by government hackers have been published hence making it easier to adopt sophisticated means of stealing company data, spreading malware or ransomware. Undoubtedly, several companies frequently fail to update their security breaches promptly.

Since more businesses are online, criminals realize data values that are protected by organizations. In cases of ransomware-hackers demands money before they unlock the files and it is increasingly becoming common. Examples of the Information Communication Technology breaches of the 21st Century includes; the wanna cry 2017 attack, eBay 2014 attack, yahoo mail attack and many more.

Statistically, an analysis from anti-virus company found that ransomware payments have hit over $2billion as at 2017. Other analyses propose that compromised computer-related businesses will exceed $10 billion in the next coming year. Therefore, this study highlights some common data breaches in recent history.

Description

Precisely, the WannaCry ransomware is a worm that spread rapidly across various computer networks in the wake of May 2017. Following an infection through Windows computers, the worm encrypts files on computer hard drive, making accessibility of the files difficult for users to access lest their pay ransom in terms of Bitcoins for decryption.

Several factors contributed to the primary attack of the WannaCry virus since it struck different important and sophisticated systems such as Britain’s National Health Service. In addition, it exposed the Windows vulnerability suspected to have been initially discovered by the NSA (United States Security Agency).

The Attack

The ransomware started on May 12 affecting computer systems and this type holds the computer hostage with data trapped within although experts assert that it was the largest attack of its kind. Over 200, 000 computers were affected with the rapid spread ransom attack with hackers demanding $300 per computer. The attack crippled computer systems in at least 150 countries across the world, although experts foresee, that there are possibilities of other similar attacks in the near future.

Who started it?

Occasionally, the suspects are still anonymous pending investigations, but researchers claim the link to the North Korean Hackers, of course, this has to be proven. Furthermore, it was cautiously associated with Symantec as well as other security researches toward the Lazarus Group; a cybercrime organization suspected to originated from the North Korea government.

Who is at risk?

The risky virus targeted computers operating on Windows OS before Windows 10, that is Windows XP through Windows 8. Opportunistically, the malware took advantage of the breach that was recently leaked by NSA data dump; a breach for which Microsoft launched a security measure in order to protect users. Consequently, Systems that lacked the patched update were at risk and most fell victims to the virus.

How can it be stopped?

The malware spread by clicking links or downloading attached files from infected third parties, therefore, the primary measure was to remain vigilant regarding the attachments received from established contacts. These cases proved difficult to identify since the messages are usually harmless and from known parties. Secondary precautions required Windows users excluding Windows 10 to immediately update their software.

A legendary security analyst stopped the virus temporarily after finding a secret kill switch within its code. In his effort, he registered an email address refereeing to the malware and was able to halt the virus from spreading. Soon after, Copycat hackers started creating their own versions of the code that further spread the new viruses.

What can we learn from this?

This article has highlighted a mixture of weak systems and ill-fated cyber-attack that never ended well. The types of attacks are constantly on the rise and continue to proliferate whenever large-scale and critical infrastructure including financial institutions and hospitals are pitched on low insecure platforms.

Future Prevention

According to Institute for Security Studies (2017) preventing such future disasters highlights the need to advance cybersecurity including addressing public health issue for intelligence agencies as well as law enforcement. This implies that legacy software systems should be uplifted to fit modern time since security experts and organizations need extra bonded collaboration in order to prevent such breaches in the near future.