Lead Image © Natalia Lukiyanova, 123RF.com

Lead Image © Natalia Lukiyanova, 123RF.com

Preparing for cyberattacks

The Enemy in My Web

Article from ADMIN 70/2022
By
The possibility of a ransomware attack means it is essential to prepare for cyberattacks by putting defense mechanisms and contingency plans in place.

The number of cyberattacks with ransomware has been rising steadily for several years. WannaCry ransomware attacks caused quite a stir in 2017. Hundreds of thousands of Windows systems were infected through a vulnerability in Microsoft's SMB protocol, and the data on these systems were encrypted. The malware used a US National Security Agency (NSA) exploit named EternalBlue published for propagation by a hacker group. Although Microsoft released a patch to close this gap before the WannaCry outbreak, many systems had not yet been updated and were therefore still vulnerable (Figure 1).

Figure 1: Game over. If you see a message like this on the screen, ransomware – in this case WannaCry – has struck.

More or less by accident, British security researcher Marcus Hutchins found a way to disable WannaCry. The malware checks for the existence of a special domain before encrypting files. If the domain is not accessible, WannaCry starts encrypting. After the registration of this domain in the worldwide DNS system, further propagation was temporarily stopped after just four days. By then, Bitcoin payments equivalent to several hundred thousand dollars had already been transferred to the attackers' wallet.

The encryption of more than 30 servers on the computer network of University

...
Use Express-Checkout link below to read the full article (PDF).

Buy this article as PDF

Express-Checkout as PDF
Price $2.95
(incl. VAT)

Buy ADMIN Magazine

SINGLE ISSUES
Print Issues
Digital Issues
 
SUBSCRIPTIONS
Print Subs
Digisubs
 
TABLET & SMARTPHONE APPS
Get it on Google Play

US / Canada

Get it on Google Play

UK / Australia

Related content

comments powered by Disqus