author photo
By SecureWorld News Team
Mon | May 15, 2017 | 9:04 AM PDT

But don't draw the wrong conclusions from the attack.

Motherboard explains:

On Friday the world was rocked by the largest malware outbreak in some time. It spread quickly, and to the casual observer apparently purposefully, targeting high profile companies and government agencies. But the idea that this was an attack against our infrastructure, and the suggestion that this was a terrorist act, would be the wrong conclusion to draw from the outbreak.

Malware doesn't normally spread this quickly, so the rapid propagation of the outbreak looks intentional. It looked like a directed attack. It wasn't. There were ransomware outbreaks that ranged all over, from Telefonica in Spain, to universities in China and Italy. From the Russian Interior Ministry to Deutsche Bahn in Germany. It appeared in elevators, building lobbies, and malls around the world.

We've all become far too comfortable with the idea that malware is spread via email. That just not opening suspicious emails is enough to protect us. However while the initial infection vector for last week's attack might well have been an email—although there's no real evidence of that at the moment—that's almost irrelevant now. Except for the painful, and almost certainly pointless, process of tracking down who was behind the outbreak, patient zero doesn't matter. Because the reason that the ransomware spread so quickly is that this was an SMB network worm. Once an initial infection occurred it no longer needed human help to propagate.

Comments