A massive Cyber attack started in Ukraine last night. As far as we know it started spreading in Ukraine, but has now gone global. It has hit some of the largest banks in Ukraine as well as the power grid. At the time of this writing many companies throughout Europe are also being hit. This is very much like WannaCry in that it uses the EternalBlue attack that was stolen from the NSA. Once you have been encrypted your desktop goes into a DOS prompt and requests that you give $300 in bitcoins and send them to a specific address. Once your machine becomes infected it scans the network to try to infect other machines in your organization. There have been reports that it has encrypted 5,000 machines in 10 minutes, so this is spreading fast.
It’s been a very rough couple of days in cyber security world. It does appear that WannaCry was as bad as the predictions thought. The revenue generated (yes the hackers refer to it as revenue) is still growing. Unfortunately, crime pays in this era of ransomware.
As I walked out of the office Friday night before I thought about our internal environment and I was not very stressed. It wasn’t because we are an IT services company and “everyone’s an IT guy”. It was because of the countermeasures which we already have in place. I’d like to detail those countermeasures so you can see what we do in an effort so that you can have a bit less stress on your Friday night.