In May 12, 2017 the “Wanna Cry” virus caused worldwide havoc. A total 74 countries had reported about 45,000 attacks had taken place on hospitals, government offices and major companies. One day later 99 countries were involved in the attack and North Korea was a suspect from the beginning. There is evidence that the ransomware called Wanna Cry and North Korea are connected.
The Wanna Cry virus attacks older Microsoft Windows programs. The question is, why did it spread so quickly? Partly, because people didn’t install the security updates for their software programs.
Microsoft issued customers critical updates for older software two months before the attack. However, in countries like Russia, many people believed that these security updates were optional, and not really necessary. They were also fearful it might be pirated software, and would shut them down if they tried to install it.
Unfortunately, that was a huge mistake. Computers that were updated were protected from the virus .Those computer systems that did not update, were attacked.
This enabled the Wanna Cry attack to spread unchecked through unprotected computer systems.The final estimate was that 150 countries and 230,000 computers were involved.
Thankfully a British researcher named Marcus Hutchins, stumbled upon a domain name the virus was searching for embedded in the code. Marcus created a website with that domain and caused the “Wanna Cry” virus to begin shutting down.
He inadvertently activated a “kill switch” for the virus. He became an overnight hero!
Ironically, Marcus Hutchins is currently facing charges on developing the 2014 Kronos banking Trojan and a piece of malware called the UPAS Kit. Marcus denies all charges, and the case is ongoing.
Where is the “Wanna Cry” Virus Now?
It’s been over a year since the Wanna cry virus was stopped. With all the computers updated and protected, the “Wanna Cry virus was thought to be history.
However, in Q3 2018 there were still 74,621 user attacks reported from variants of the “Wanna Cry” virus.That was about one third of all ransomware attacks in 2018.
Fortunately, the attacks are much more limited and involved smaller groups of computers.
Any major damage had been avoided because of the intensive technology updates that stop the virus dead in it’s tracks.
The Wanna Cry Virus is Still Active
The number of reported attempts to infect computers shows the cybercriminals are still using the Wanna Cry virus. They have learned to adapt the original code and still attack computers.
“Our statistics come from computers protected by our technologies, so no real damage occurred; our products have instantly repelled WannaCry from the start. However, the number of attempts to infect computers with this Trojan in 2018 suggests that someone out there is still actively using WannaCry. This would hardly be the case if there was nothing in it for cybercriminals — fools they are not. It means that they are still able to infect computers.”
Even if the hackers did manage to infect a computer system, the virus would not spread like it did in 2017. The updates to the Microsoft software would have prevented it from a repeat of 2017.
But it is not cause for celebration at all. The ransomware attacks might be lower for 2018, but overall attacks are on the rise and continue to grow every month. That is telling us the people who want to do us harm, are trying harder to succeed.
Originally, the Wanna Cry attack was reported in my article Recent Internet Scams
Wanna Cry and North Korea
The Wanna Cry virus code was linked with North Korea and their worldwide hacking activities also pointed toward the North Korean “Lazarus Group”. However, at the time no connection was proven.
In December 2017, the United State Government formally announced that evidence indicated North Korea was behind the Wanna Cry attack. The evidence also indicated, that North Korean leader Kim Jong-un had given the order to launch the malware attack.
Canada, New Zealand and Japan as well as the United Kingdom all reached the same conclusion. The Wanna Cry and North Korea are connected. North Korea denies the allegations.
Protect Your Devices From Attacks
A few simple steps can greatly help you avoid being attacked, and having your data locked up. Good maintenance of your equipment is a must! And always practice good Personal Fraud Protection
- Keep everything updated with the latest updates from security software
- Use the latest technologies -Karspersky uses rollback anti-ransomware technology
- Always make at least two backups -one hard copy, one cloud copy
Use External Back Up Devices
I have found using a back up hard drive makes this process much easier. A product called My Passport manufactured by Western Digital Corporation is very easy to use. It is a plug and play device, that you plug into your devices USB port and follow a few simple steps and you are done.
My Passport works in the background backing up all your data. It is small, about the size of a deck of cards, and powerful enough to store 2 TB of data. Because of it’s small size, it doesn’t take up much room. Bigger sizes are available as well.
However, the safest way to back up your computer, is to do it without keeping the hard drive connected all the time.
That way, if you are attacked, your hard drive is disconnected and your data is safe. Normally, the attack takes control of the computer, and locks you out. You can unplug the external hard drive and have a copy of your records.
It is also recommended to store an additional copy in the cloud, just in case! I am told that it is unlikely the malware is stored on the external hard drive. However, I am not a computer geek, so that’s why I save my data, and unplug it.
The importance of updating you data is key to protection yourself. You will not need to pay ransom if you have a back up copy!
I had a complete hard drive failure on my PC and this was a lifesaver! It had my data saved and intact, making data transfer onto a new hard drive simple.
Some of The Companies Hit in 2018
When the Wanna Cry outbreak infected computers in 150 countries in 2017, some of the companies affected were Boeing, Honda and FedEx. In the UK the National Health Service was also experiencing shutdowns because of the attack. Then, in 2018 an attack surfaced at Boeing again.
Boeing Had Dozens of Computers Hit
In March of 2018, Boeing had an attack that affected a plant in North Charleston. They reported it was a limited intrusion that affected a small number of devices in one facility.
The production equipment apparently had an older version of windows embedded inside certain systems. These systems were ones that did not get updated in 2017. However, because most of the other systems had already been updated, it did not spread.
TSMC Has 10,000 Machines Affected
In August 2018 A chip manufacturer called Tiawan Semiconductor Manufacturing Company –TSMC, experienced a shutdown of some of it’s fabrication plant’s.
The cause was an attack of a variant of the WannaCry virus. The company reported a vender had infected software and it was installed without a virus scan. The virus quickly spread and infected several facilities. Some 10,000 machines were involved.
They have since changed their procedures to prevent a repeat from happening again. But the point is, that these malware programs are still active and are being manipulated and changed all the time. The Wanna Cry is not dead!
Alleged Perpetrator of Wanna Cry Charged
In the meantime, the United States had evidence that uncovered the identity of the alleged perpetrator in the Wanna Cry attack. Park Jin Hyok.
On June 8,2018,the FBI issued a federal arrest warrant for Park Jin Hyok, charging him with one count of conspiracy to commit wire fraud, and one count of conspiracy to commit computer-related fraud (computer intrusion).
Who Was Park Jin Hyok
The accused Park Jin Hyok is an alleged North Korean Spy.
He is suspected to be the hacker responsible for the Wanna Cry attack.
Park, a computer programmer, is also the prime suspect wanted for the cyber attack on Sony Pictures Entertainment.
The Sony attack occurred after the release of the Hollywood movie that mocked the North Korean leader,Kim Jon Un.
The attack was in retaliation for insulting the North Korean leader.
Park was involved with a group of hackers employed by the North Korean Government. The hacking group was referred to as the “Lazarus Group”
U.S. officials are hoping that North Korea will make Park available for questioning.
The FBI Wanted Poster For Park Jin Hyok
The download link for this poster- Wanted Poster for Park Jin Hyok
North Korea Will Never Release Park Jin Hyok
Park Jin Hyok worked with Lab 110, a hacking group operated by the North Korean Government. The North Korean Lab 110 group is also recognized worldwide as the “Lazarus Group”.
The North Korean government employed park as a computer programmer. And this hacking talent is rare and valuable to government spy agencies. Likewise, it is unlikely he will ever be released to face any prosecution by the U.S.
More details are coming out about ongoing cyber attacks on businesses including some in South Korea. It is not clear who might be behind the latest attacks.
Your Best Defense – Keep All Updates Current
These Malware attacks are becoming more and more frequent. You must protect yourself as much as possible. I will repeat the simple best things you can do.
To keep your computer as safe as possible, keep all your updates for any software installed as soon as you receive them. This includes any security software as well as computer software updates.
Make 2 copies of your software, a hard copy such as a external hard drive and a cloud stored copy. This is the way you avoid the malware hijacking trap! You will have copies and will not need to pay ransom to get your files back.
My intent is to help you stay safe and offer you help for scams and frauds. Helping you avoid the pitfalls that are everywhere on the internet.
Be sure to use my Checklist if you do get involved in a scam.
Always be alert, and careful! Report any scams to the FBI ICU Unit
If you are looking for additional ways to make money on the internet, please avoid the get rich schemes, and try something that is safe. Learn a scam free way to earn money and start your own online business. You can set your own hours and live live they way you want to live it.
Let me help you to get started, and be your personal coach. If you are looking for a get- rich quick scheme, sorry this is not for you. But, if you are looking for a legitimate way to start your own business and earn 4 digit income each month. then I can help you. If this sounds interesting, then click the link below and check it out.
Thank you for stopping by, and if you have any questions or comments, please leave them below and I will get back to you. I always answer every comment!