Here’s How the WannaCry Ransomware Event Happened

We know cyberattacks have gotten worse recently, and the WannaCry Ransomware attack is the biggest one yet. Sadly, few people are equipped to deal with hacks and even phishing attempts: Just a few days earlier, we covered a report noting that 75 percent of CEOs rely on applications and programs that are not approved by their IT department. We need to do better.

Eric Klonowski, Senior Advanced Threat Research Analyst at Webroot, has offered a few words of wisdom on what’s unique to this case, what people can do to protect themselves, and what’s in the future of hacking disasters.

How the WannaCry Ransomware Event Happened

Technically, how does Webroot detect and prevent infection by WannaCry or other Trojans?

“We have proprietary detection systems in place. In the case of WannaCry, our Webroot SecureAnywhere (WSA) detected and blocked it just like any other malware that we see. What was unique about this malware was its distribution method.”

Does this mean that no customer running Webroot has been, or indeed will be, affected by WannaCry?

“It takes time to learn about every threat and learn how to protect against it. This being said, our call volume has not been impacted at all by this threat. However, if someone has an unpatched system, there is potential for infection due to the vulnerability within the OS mentioned. We also have other tools to assist in auto-remediating malware.”

Do you have evidence that the initial infection vector was email?

“While our threat teams are still actively researching the threat, we know it is propagating by probing and exploiting vulnerable systems.”

What Can Be Done to Avoid Ransomware?

Webroot offered four tips for those hoping to prepare for ransomware attacks in the near future.

  • Back up your data. Unfortunately, ransomware can attack cloud storage services and network drives. Create a physical backup on a DVD or portable drive, and keep it in a secure location that is not connected to your computer.
  • Make sure you are practicing good cyber hygiene. Hover before you click to make sure you know the end destination of links, change your passwords regularly and keep your operating systems up-to-date. Don’t open emails from unknown senders.
  • Use antivirus software. Make sure ransomware doesn’t get on your computer by using software that can block malicious phishing sites. But, beware of free security: you get what you pay for.
  • Patch and update your device. Regularly check for firmware updates for your device. This is how companies push out fixes for any known vulnerabilities.

More Is Likely to Come… But Not as Bad

Here’s what Klonowski had to say on whether the threat from similar hacks might get worse in the near future:

“Malware authors tend to follow the leader. Being that WannaCry’s infection rates were so high, I am fairly positive we will  see copycat malware also using CVE-2017-0144 as a means of spreading in the near term. However, after being infected, most people tend to apply the necessary updates, in this case patching old systems, so I suspect malware using this vector will not be quite as successful. In addition, exploits as serious as this are of high value and fairly rare, so we really only see worms as prolific as this once every few years.”

Hopefully Webroot and any other endpoint security or threat intelligence services will continue keeping up with each cyber attack as it happens. As long as we keep our security systems on par with the threats to them, we’ll be able to squash each new exploit attempts as it occurs. 

Did you find this article helpful? Click on one of the following buttons
We're so happy you liked! Get more delivered to your inbox just like it.

We're sorry this article didn't help you today – we welcome feedback, so if there's any way you feel we could improve our content, please email us at contact@tech.co

Written by:
Adam is a writer at Tech.co and has worked as a tech writer, blogger and copy editor for more than a decade. He was a Forbes Contributor on the publishing industry, for which he was named a Digital Book World 2018 award finalist. His work has appeared in publications including Popular Mechanics and IDG Connect, and his art history book on 1970s sci-fi, 'Worlds Beyond Time,' was a 2024 Locus Awards finalist. When not working on his next art collection, he's tracking the latest news on VPNs, POS systems, and the future of tech.
Explore More See all news
Back to top
close Thinking about your online privacy? NordVPN is Tech.co's top-rated VPN service See Deals