WannaCry Cyber Attacks Result of Stolen NSA Spy Tools?

By C. de Lacy / 2017.05.15

Even with the amount of time spent on research against spyware attacks, it wouldn't be surprising to still witness something like the WannaCry ransomware, given the recent news about stolen NSA tools for public surveillance. Unfortunately, the tools fell into the wrong hands, causing serious trouble for several companies, which suffer from information encryption unless they pay out.

A recent report from the Telegraph indicates that the WannaCry cyber attacks aren't isolated to the US alone. Several countries are also being affected, including the UK and Germany. In fact, reports already suggest that over 100 countries are being affected as the ransomware is spreading at an alarming rate.

Companies like FedEx and even Britain's health system were already reported as infected last Friday. The cyber extortionists have numerous means to dupe users into getting themselves infected with the ransomware. Most of them are disguised as unfiltered spam emails and go as far as mentioning legitimate invoices, job offers, and convincing security warnings.

According to the reports, the cybercriminals are utilizing a stolen National Security Agency (NSA) tool called “Eternal Blue.” It is used with the WannaCry program, which made its surprisingly fast spread possible. This even tops last year's Cerber ransomware, which did almost exactly the same thing.

As shown in the tweet, the WannaCry ransomware encrypts files on computers that get infected and, unlike Cerber, it might not spare even those under the Program Files (x86) folders, which might cripple the computer later. Those who are still running Windows XP are also highly vulnerable to the attack due to Microsoft's lack of support, which could be quite troublesome, especially with Britain's nuclear sub that still runs on the phased-out operating system.

As a general rule of thumb, the WannaCry ransomware can be avoided by simply avoiding suspicious emails. However, the way it spreads through a LAN could require more than just average security restrictions.
