Tech community works together to battle WannaCry ransomware

In the Wild West of the cyberworld, private interests may be the most effective first responders. That was the case when it came to WannaCry, the ransomware attack that crippled as many as 200,000 computer systems globally. The information technology security community came together to slow the attack.

The WannaCry wrap up began with Microsoft issuing patches for software it no longer supported. WannaCry proliferated through systems using Microsoft Windows products that were no longer being patched for security vulnerabilities.

Like dry tinder during a drought, WannaCry was a match set to the flame. The best defense against the cyber attack is to have an updated operating system and virus detection software. Seeing the attacks unfold, Microsoft released critical security updates for users of the unsupported software.

It issued the first patch for XP since it stopped supporting the system in 2014. Microsoft issued patches for Server 2003, which is also unsupported but is run on over 500,000 systems worldwide, according to SANS.

“MalwareTech” an information technology researcher, found an unregistered domain name in the ransomware. He bought the domain for $10.69 and pointed the domain to a server that collects and analyzes malware traffic.

As of the time of this writing, that measure effectively stopped the ransomware from proliferating similar to a worm and MalwareTech has been heralded as the WannaCry “hero.”

Finally, information technology security and digital forensics experts have posted a number of webinars and tutorials on YouTube that attempt to explain how WannaCry works and how to remove the ransomware from computer systems.

While politicians and reporters search for the source of the ransomware attack, the IT security and digital forensics communities have worked together to help to mitigate the harm. Computer users need to do their part, too. Remember to update your operating system regularly, use virus protection software, back up critical data and make sure you have sufficient cyber insurance.


© 2017 The Hartford Steam Boiler Inspection and Insurance Company. All rights reserved. This article is for informational purposes only and does not modify or invalidate any of the provisions, exclusions, terms or conditions of the applicable policy and endorsements. For specific terms and conditions, please refer to the applicable coverage form.

Monique Ferraro

Monique is counsel in Munich Re’s US Cyber Practice at HSB. Previously, she was principal at a digital forensics, e-discovery and information security consulting firm and owner of a law firm. Ms. Ferraro is a Certified Information Systems Security Professional.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.