
WannaCry – Ransomware Worm

First, apologies for the lack of updates here – I was hoping to write yesterday but I spilled water on my laptop to protect myself from WannaCry. (That’s a joke, as I use a Mac; however, I did spill water on my machine but it seems to be good now.)

We’ve had a lot of things happen at the beginning of this year, including a death in the immediate family. You are never really prepared for such a thing even if you’re expecting it. Remind your loved ones of your love for them, and ensure that you have preparations in place for such happenings – while unpleasant to think about, they are necessary. We were fortunate to have had a lot of them in place already, but there’s quite a bit that still ends up having to be done, and the one person who might otherwise have the answers can no longer give them to you.

WannaCry Ransomware Worm

Perhaps it’s suitable then that the first large malware worm since Conficker (~2008) comes to us with the title “WannaCry”.

WannaCry Ransom Screenshot


A ransomware worm is making the rounds of the internet, and has affected tens of thousands of machines across the globe, and hundreds of organisations. Some of the bigger names to be affected include the NHS in England; a German railway; Chinese ATMs; and any number of other organisations.

There’s an interesting story about how the Twitter user “malwaretechblog” accidentally prevented the propagation of the worm:

https://www.malwaretech.com/2017/05/how-to-accidentally-stop-a-global-cyber-attacks.html

which is quite cool reading if you’re up for it.

The malware authors have only made about £18,000 so far, which, while far from nothing, is still quite low – while there’s probably about 24 hours left in their original three-day window, hopefully they won’t make too much more. You can check how much they’ve made at these $BTC addresses:

https://blockchain.info/address/115p7UMMngoj1pMvkpHijcRdfJNXj6LrLn

https://blockchain.info/address/12t9YDPgwueZ9NyMgw519p7AA8isjr6SMw

https://blockchain.info/address/13AM4VW2dhxYgXeQepoHkHSQuy6NgaEb94

That being said, the worm is fairly nasty (obvs) and if you are a victim, you are advised NOT to pay. (Such a thing only increases the likelihood of further attacks, from the originating author and/or copycats.) It brings to mind two of the most important lessons of computer science: PATCH, and BACKUP. Ideally you should be patched against vulnerabilities exploited by worms, but if not, and you do fall victim, you should restore from backups. If you don’t have backups, you’ll have to try and recover from what you can, or start over – paying will oftentimes not get you what you want even if the bad guys say otherwise.

 
