The Latest Updates on Massive WannaCry & Adylkuzz Cyberattacks
On Friday, May 12, a massive ransomware cyberattack, known as WannaCry, swept the globe. As of Tuesday, over 150 countries, including the U.S., Russia, Spain, India, and more have been targeted, and 300,000 computers have been infected. Now, a new global cyberattack, known as Adylkuzz, is making the rounds, yet most infected companies and users have no idea their devices have been compromised.
Here are the latest updates on the status of the ongoing WannaCry and Adylkuzz cyberattacks and the steps your company must take now to remain cybersecure.
The Latest on The WannaCry Cyberattack
The massive WannaCry cyberattack this weekend had governments, hospitals, business owners, and more scrambling to update and enhance their cybersecurity efforts. The ransomware, which locks down infected computers, encrypts the data, and demands BitCoin payments ranging in size for files to be restored, was developed by utilizing cyber spying tools from the U.S. National Security Agency (NSA) that were leaked in April.
The ransomware spreads by capitalizing on a Windows vulnerability that Microsoft released a patch for in March that was not highly publicized until the cyberattack. Computers and networks that haven’t updated their systems and those utilizing older versions of Windows are still at risk and make up the victims of the attack.
Here are the latest updates your business needs to know regarding the WannaCry cyberattack:
- Over 150 countries and 300,000 computers have been infected.
- The spread of the ransomware seems to be slowing now that Microsoft has publicized the patch that eliminates the Windows 10 vulnerability hackers were targeting. Following the attack, Microsoft also took the “highly unusual step” of releasing a patch for its older operating systems the ransomware was targeting as well.
- These patches do nothing for computers already infected with WannaCry.
- Hackers have only managed to net $80,000 from victims.
- Shadow Brokers, the hacking group believed to be behind the leak of NSA cyber spying tools used in WannaCry, announced via blog their plans to sell other stolen NSA cyber tools to fellow hackers in a subscription-based service starting in June.
The most important update following the WannaCry hack is the potential for Shadow Brokers to distribute more cyber spying tools they claim were sourced from the NSA. This update is the one business owners and execs should be most concerned with. The potential release of more cyber spying tools developed by the NSA threatens the cybersecurity of every business, regardless of size. It has also stoked the debate regarding whether governments should be allowed to create such tools due to the ability of hackers to steal and leak them.
Microsoft execs responded to the massive cyberattack by calling again for a “Digital Geneva Convention” to commit governments to protecting civilians and companies from nation-state cyberattacks and the need for enhanced cybersecurity efforts globally considering the sharp rise in cyberattacks over the past year.
Adylkuzz: Ongoing Cyberattack Even Worse Than WannaCry
While WannaCry was the attack on every major news outlet this weekend, it’s the silent, but larger cyberattack known as Adylkuzz that has our attention. This lesser known cyberattack, identified by the security company Proofpoint, utilizes the same NSA tools used by WannaCry and has 20 servers around the world scanning for computers that don’t have the latest Microsoft patch in order to infect these devices. Hackers then infect the targeted computers with Adylkuzz without needing the owner to click. A frightening development which could have disastrous repercussions if spread among the dark web hacking community.
Proofpoint was able to track the Adylkuzz program back to at least May 2, but believes it could have been around since April 24 and there is no way to tell how many computers have been infected. Proofpoint said potentially hundreds of thousands of PCs and servers could be infected. The hack is just now coming to light due to its stealthy nature. Infected computers show minimal signs of the hack, like slower performance speeds on PCs and a loss of specific Windows products. However, business networks with thousands of infected computers will experience severely slower speeds affecting their ability to do business.
The Adylkuzz program targets computers in order to turn them into a “mine” for Montero, which is a cryptocurrency similar to Bitcoin, to generate thousands of dollars for the hackers behind the attack. Thus making victims into the unwitting financial supporters of their attackers. And unlike WannaCry, this attack is generating thousands and thousands of dollars for those responsible for it with no end point in sight.
How to Protect Your Business
Now that you have the facts, it’s time to get smart about your cybersecurity initiatives and efforts to stop cyberattacks before they cost your business valuable resources. Here are our best tips to keep your sensitive data, devices, and networks secure:
- Download and install the Microsoft security patch on all vulnerable devices. The patch can be found here. This is crucial to have your IT team implement as soon as possible if your business devices are outdated or any devices have failed to update their Windows software in the past two months. This will protect your devices from the WannaCry ransomware, as well as Adylkuzz, by eliminating the Windows vulnerability utilized by both attacks to infect devices.
- Develop and implement regular cybersecurity training sessions. Your biggest cybersecurity threat is your employees. Failing to update the Windows software on a single device leaves your company vulnerable to hacks like WannaCry. By developing and implementing regular cybersecurity training sessions led by your IT team, your business can drastically reduce the likelihood of experiencing a successful cyberattack.
- Hire the cybersecurity talent you need. Having a robust IT team with skilled, experienced cybersecurity professionals is your company’s best defense against growing cybersecurity threats. These experts are in top demand considering the rise in cyberattacks over the past few years, so expect to pay a premium for this invaluable talent. (Trust us; they are more than worth the price tag.) If you can’t afford onsite cybersecurity professionals year-round, consider hiring short-term cybersecurity consultants to identify and implement more effective cybersecurity initiatives for your business.
Cyberattacks are on the rise, and it seems that no organization is safe against the growing international pool of highly skilled hackers. Moving forward, cyberattacks will only grow more advanced and become even harder to detect, like the Adylkuzz program. Businesses, both large and small, must prioritize cybersecurity now to keep their networks, devices, and data secure.
If you lack the cybersecurity talent you need to ensure your business is protected, contact Mondo today. We have the cybersecurity professionals you won’t find anywhere else.