It's been one year since the WannaCry ransomware epidemic hit and wreaked havoc on systems globally.
Milestones can give us important context, and many in InfoSec are asking if we are better prepared today—or do we have something greater to cry about on the horizon?
Grant Bourzikas of McAfee writes:
When the WannaCry ransomware attack hit tens of thousands of individuals and business around the world on May 12, 2017, it wasn’t the first time we had seen ransomware, but its impact was unique and lasting.
With WannaCry, the “theory” of threats became personal. If someone is ill and can’t get medical attention, that’s personal. It your pacemaker is hacked, that’s personal. And if your car—self-driving or not—gets its power steering wheel locked by a hacker when you’re going 80 miles an hour, that’s personal.
Why was Wanna Cry different? Because it’s the first time we’ve seen worm tactics combined with ransomware on a major scale. The outbreak infected at least 350,000 victims in more than 150 countries.
WannaCry’s success came down to its ability to amplify one attack through the vulnerabilities of many machines on the network, making the impact greater than what we had seen from traditional ransomware attacks.