WannaCry Attack Part 2: From Traffic Cameras to Factories

A bit more than a month ago, the virtual world was struck by the WannaCry ransomware[1]. It quickly spread from the farthest countries in the West to the most remote regions in the East. In total, more than 150 countries and 200 000 devices were affected.

Thanks to a fateful coincidence, IT expert Marcus Hutchins saved the virtual community from further terror when he found a way to curb the infection. In response to the malware, the world focused on eliminating the key cause by updating old Windows OS machines. However, current events show that the world has not learned its lesson yet.

Hit twice

The success of WannaCry lay in a hacking tool developed by none other than the National Security Agency. The tool was built on EternalBlue, an exploit for the Server Message Block (SMB) protocol. It was leaked by the hacker group ShadowBrokers in March this year, and other hackers picked it up to develop a cyber menace the virtual community had never seen before.

Though Microsoft released the patch after the news about the leak broke, May 12 revealed an enormous number of still outdated Windows machines throughout the world. Honda, the famous car manufacturer, turned out to be among those running them.

While it had been recovering from the attack and seemed to have secured its systems against similar attacks, it witnessed the irony of life again. On Monday, June 19, the company reported that WannaCry had hit its systems again, which halted manufacturing processes at its Sayama branch.[2]

The malware shuts down 55 speed and red-light cameras in Australia

Not far away from Japan, the malware also manifested itself in Australia. It targeted 55 traffic cameras. A slip of the hand caused 55 speed and red-light cameras to shut down: someone plugged in an infected flash drive.

Though Australia’s Department of Justice suspects that it was an unintentional misdeed by a technician[3], there are also opinions that the action was deliberate. What is more, the actual date of the infection is unknown, but experts suspect that the cameras had already been compromised at the beginning of June.[4]

If you use Skype daily, you might have been frustrated with its connectivity problems on Monday. It turned out that it had also been under a major DDoS attack, which was claimed by Cyber Team. The aftereffects of the attack were most visible in Europe.

Unexpected plot twist – NSA publishes its tools on GitHub

Others who had time to get angry with someone might have spent hours blaming the NSA for causing global chaos. Recently, the agency published some of its tools, such as Windows OS certificates.

Although the agency claims that it was done for commercial purposes, these tools may undoubtedly serve hackers as well. In fact, it might turn out to be the same scenario as with the open-source HiddenTear ransomware, also available on GitHub, which remains the model for new file-encrypting threats.

These incidents confirm that cyber security specialists, corporations, and individual netizens alike should be vigilant: you never know when hackers will decide to strike again.
