3 cyber fraud horror stories and how they could’ve been prevented
Ransomware is one of the biggest threats to business owners, both large and small. In most cases, ransomware can be prevented – yet it’s often not, due to a number of factors (which well explore).
Writing for Business Advice, cyber security expert Robert Dale showcases three of the worst cyber fraud horror stories you’ve ever read, and what couldve been done to prevent them.
WannaCry was a ransomware in 2017 that caused billions of dollars in damage globally. it’s a really long story that involves the NSA, Russia’s GRU intelligence agency, Microsoft, unknown Russian hackers, and somehow North Korea.It was basically a real-life Tom Clancy novel, with some elements of Stephen King’s The Stand for good measure. Remember in The Stand how the world-population-destroying virus basically escaped a secret government lab? That’s the summary of what happened here.The NSA had been compiling system exploits for a long time, basically coming up with all kinds of nasty system hacks. They created a penetration tool that targets Microsoft Windows, and codenamed it EternalBlue. Theyve been compiling these zero-day exploits for cyberwarfare because nowadays, you can pretty much cripple a country’s economy with a good virus. The NSA notified Microsoft, and Microsoft released a security update for Windows platforms. Which apparently, nobody downloaded.Somewhere along the way, hackers known as the ‘shadow Brokers? (this is where it starts to read like a Tom Clancy novel) stole a bunch of data, including a bunch of top-secret hacking tools, from the NSA, and leaked it online. Other unknown? hackers, though the CIA is pointing fingers at the Russian military, used the leaked data to create a new ransomware called WannaCry, based on the NSA’s EternalBlue exploit.WannaCry then made its way around the world. As a ransomware, WannaCry’s payload encrypted the MBR (Master Boot Record) of a computer, which basically locks the entire computer from booting up, while displaying a ransom message. Victims were instructed to wire money for their computers to be unlocked.So while the world was being infected, security researcher Marcus Hutchins (who is actually pending trial on unrelated hacking and malware charges) discovered a kill-switch? in WannaCry, which he heroically shared with the world. And then a new version of WannaCry came out, with a new kill-switch method, which was also discovered, and then the final boss appeared, a version of WannaCry with no kill-switch at all.A Scooby group of security researchers from several universities put their heads together and finally defeated WannaCry with encryption APIs, mathematics revolving around prime numbers, and sorcery. Though WannaCry still did around $4bn in damages before suffering defeat.
Criminals are using increasingly sophisticated tactics to defraud businesses, with often devastating consequences. Recent figures from Get Safe Online and Action Fraud revealed that UK firms have lost more than 1bn to online crime in the past year. more»