cyber security

How WannaCry caused global panic but failed to turn much of a profit

The cyber-attack hit 200,000 computers and a number of big global organisations. But it has only made $82,000 in ransom so far.

The recent WannaCry cyber-attack led to panic across the globe, showing just how important it is for organisations to have secure operating systems. This was not even the most sophisticated malware around. Numerous networks could easily cope with it and it largely hit legacy operating systems such as Windows XP.

In most corporate infrastructures, there would be no sign of Windows XP – and it seems unbelievable from a security perspective that the national health service of an advanced economy like the United Kingdom would run its critical infrastructure on such an unsafe, antiquated system.

Perhaps the most striking aspect of this recent attack is how unsuccessful it has been in terms of generating a ransom. As well as the National Health Service in the UK, it hit French car manufacturer Renault, US delivery service FedEx, Russia’s interior ministry and Spanish telecoms and gas companies. Yet, ransom payments currently total only around $82,000.

The chart shows the current balance of the three Bitcoin addresses known to be associated with the WannaCry ransomware. Source: Elliptic.
The chart shows the current balance of the three Bitcoin addresses known to be associated with the WannaCry ransomware. Source: Elliptic.

This is minuscule when we compare it to other ransomware attacks. CryptoWall made its author $325 million with over 406,000 attempted infections.

The interesting thing about the WannaCry ransomware is that it mostly hit large organisations with legacy networks – and they will often not pay ransoms as they have back-ups or run their data from a central server. Thus, despite more than 200,000 infections worldwide, there have been fewer than 200 payments.

The weak impact is because this is a different type of ransomware. The most successful ones spread through spear phishing emails and target individuals and small businesses, which often do not have back-ups. This ransomware was different in that it spread of its own accord through unpatched systems (systems that had not followed recent warnings to protect against a virus and back-up their files) – as a worm. But it is humans that are generally the weakest link when it comes to information security.

The perfect crime?

Ransomware is almost the perfect information technology crime. If an online criminal can trick you into installing malware, they can then lock your files and hold them ransom until you pay them a release fee. Only a secret encryption key, which they hold, can release the files.

It is simple, but highly effective. No virus scanner or law enforcement professional will be able to unlock your files unless they have the magic encryption key, and the longer the target takes to pay for it, the greater the risk there is to their business. As with any malware, though, there might be bugs in the software, so there’s no guarantee that you’ll get your files back, even if you do as the blackmailers say. And there’s always the risk that they will just ask for more money once you pay them. Some malware increases its ransom demands over time, ultimately deleting all the files affected.

Nonetheless, it means that the success rate of the crime is incredibly high – at around 65%, as sensitive and important documents are often the target of the infection.

Success rate for ransomware. Source: Trent Micro - New Research: Uncovering the Truth About Ransomware.
Success rate for ransomware. Source: Trent Micro - New Research: Uncovering the Truth About Ransomware.

Increasing infections

Computer security firm Trend Micro surveyed over 300 information technology decision makers in the United Kingdomin September 2016 and found that 44% of businesses have been affected by ransomware over the last two years. The same survey found 79 new types of ransomware in the first nine months of that year. This compared to just 29 in the whole of 2015.

This is a great worry for many companies. The impact on those affected by the infection can be costly, with an average of 33 person hours taken to fix it.

In around 20% of the cases, £1,000 was requested, with an overall average of £540. Some large organisations faced demands of as much as £1 million. But for many companies, this is the tip of the iceberg as it can be costly for a company in terms of reputation as customers could start seeing them as untrustworthy.

Perhaps the most frightening statistic that Trend Micro found was that in one in five cases, even when the company paid the ransom, they were unable to recover their important files – indicating that the ransomware service is not quite as robust as it should be.

If you ask many security professionals, the recent WannaCry ransomware was fairly easy to defend against, and was fairly unsophisticated. What it clearly shows is that there is still more success in tricking individuals than in spreading malware across large networks. The National Health Service does, though, need to make sure that not one unpatched computer ever goes near its network, and that employees understand that they shouldn’t click on suspicious links.

Meanwhile, with law enforcement agencies focused on the three Bitcoin wallets associated with WannaCry to try and find out who profits, there will be a whole lot more ransomware that goes unreported and unnoticed.
This article first appeared on The Conversation.

We welcome your comments at letters@scroll.in.
Sponsored Content BY 

What’s the difference between ‘a’ washing machine and a ‘great’ washing machine?

The right machine can save water, power consumption, time, energy and your clothes from damage.

In 2010, Hans Rosling, a Swedish statistician, convinced a room full of people that the washing machine was the greatest invention of the industrial revolution. In the TED talk delivered by him, he illuminates how the washing machine freed women from doing hours of labour intensive laundry, giving them the time to read books and eventually join the labour force. Rosling’s argument rings true even today as it is difficult to deny the significance of the washing machine in our everyday lives.

For many households, buying a washing machine is a sizable investment. Oddly, buyers underestimate the importance of the decision-making process while buying one and don’t research the purchase as much as they would for a television or refrigerator. Most buyers limit their buying criteria to type, size and price of the washing machine.

Visible technological advancements can be seen all around us, making it fair to expect a lot more from household appliances, especially washing machines. Here are a few features to expect and look out for before investing in a washing machine:

Cover your basics

Do you wash your towels every day? How frequently do you do your laundry? Are you okay with a bit of manual intervention during the wash cycle? These questions will help filter the basic type of washing machine you need. The semi-automatics require manual intervention to move clothes from the washing tub to the drying tub and are priced lower than a fully-automatic. A fully-automatic comes in two types: front load and top load. Front loading machines use less water by rotating the inner drum and using gravity to move the clothes through water.

Size matters

The size or the capacity of the machine is directly proportional to the consumption of electricity. The right machine capacity depends on the daily requirement of the household. For instance, for couples or individuals, a 6kg capacity would be adequate whereas a family of four might need an 8 kg or bigger capacity for their laundry needs. This is an important factor to consider since the wrong decision can consume an unnecessary amount of electricity.

Machine intelligence that helps save time

In situations when time works against you and your laundry, features of a well-designed washing machine can come to rescue. There are programmes for urgent laundry needs that provide clean laundry in a super quick 15 to 30 minutes’ cycle; a time delay feature that can assist you to start the laundry at a desired time etc. Many of these features dispel the notion that longer wash cycles mean cleaner clothes. In fact, some washing machines come with pre-activated wash cycles that offer shortest wash cycles across all programmes without compromising on cleanliness.

The green quotient

Despite the conveniences washing machines offer, many of them also consume a substantial amount of electricity and water. By paying close attention to performance features, it’s possible to find washing machines that use less water and energy. For example, there are machines which can adjust the levels of water used based on the size of the load. The reduced water usage, in turn, helps reduce the usage of electricity. Further, machines that promise a silent, no-vibration wash don’t just reduce noise – they are also more efficient as they are designed to work with less friction, thus reducing the energy consumed.

Customisable washing modes

Crushed dresses, out-of-shape shirts and shrunken sweaters are stuff of laundry nightmares. Most of us would rather take out the time to hand wash our expensive items of clothing rather than trusting the washing machine. To get the dirt out of clothes, washing machines use speed to first agitate the clothes and spin the water out of them, a process that takes a toll on the fabric. Fortunately, advanced machines come equipped with washing modes that control speed and water temperature depending on the fabric. While jeans and towels can endure a high-speed tumble and spin action, delicate fabrics like silk need a gentler wash at low speeds. Some machines also have a monsoon mode. This is an India specific mode that gives clothes a hot rinse and spin to reduce drying time during monsoons. A super clean mode will use hot water to clean the clothes deeply.

Washing machines have come a long way, from a wooden drum powered by motor to high-tech machines that come equipped with automatic washing modes. Bosch washing machines include all the above-mentioned features and provide damage free laundry in an energy efficient way. With 32 different washing modes, Bosch washing machines can create custom wash cycles for different types of laundry, be it lightly soiled linens, or stained woollens. The ActiveWater feature in Bosch washing machines senses the laundry load and optimises the usage of water and electricity. Its EcoSilentDrive motor draws energy from a permanent magnet, thereby saving energy and giving a silent wash. The fear of expensive clothes being wringed to shapelessness in a washing machine is a common one. The video below explains how Bosch’s unique VarioDrumTM technology achieves damage free laundry.

Play

To start your search for the perfect washing machine, see here.

This article was produced by the Scroll marketing team on behalf of Bosch and not by the Scroll editorial team.