Sunday, May 14, 2017

Week 9 Blog Post

As many of you have seen in the news over the last few days a massive global ransomware attack has hit hundreds of thousands of organisations in over 150 countries. The attack was first noticed on Friday as the ransomware started propagating in a very unusual way, via worm.

So far according to the news outlets the worm was accidentally stopped when a security researcher registered the domain that was referenced in the worm code. Apparently this was the built in kill switch for the worm.

The gizmodo website contains a video showing the malware infecting a system which then continues to infect the other system in real time.

Here is the link.  Malware infection Video

Even though the worm has infected many organisations world wide the money collected from victims as of yesterday was only about $33k. There is still some concern about all the additional computers that are infected, because the companies wont know until Monday when they start them up.

Some security experts are also warning that since the developers now know how the worm was stopped they may change the kill switch and release a new version.

Be on the lookout and patch your systems.



No comments:

Post a Comment