WannaCry hackers just getting started, former federal CISO says

64 views


The initial WannaCry attack on May 12 rocked the globe and security experts are now saying it infected at least a million more systems than originally thought.

While conservative estimates place the number of impacted computers at about 300,000 in some 150 countries, security firm Kryptus Logic CEO Salim Neino said in actuality WannaCry struck 1-2 million computers.

Not only that, but Kryptus Logic — the firm responsible for finding the killswitch that stopped the majority of the spread — has thwarted an additional 60 million infection attempts. Seven million of these attempts were made in the U.S. alone, and Neino estimates these attacks could have impacted 10 to 15 million unique systems, at a minimum.

Further, the initial incident in May was just a small start and, indeed, the bulk of the attacks happened in June.

The largest attempt Kyptus Logic thwarted and measured to date was on a well-funded hospital on the east coast.

“WannaCry is a slow pitch soft ball, whereas the next one may be a high and tight fast ball coming in,” Gregory J. Touhill, former federal CISO and adjunct professor of cybersecurity and risk management at Carnegie Mellon University, told a Science, Space and Technology committee on Thursday. “We need to be ready.”

Not only that, Kryptus Logic — responsible for finding the killswitch that stopped the majority of the spread — has thwarted an additional 60 million infection attempts. Seven million of these attempts were made in the U.S. alone, and Neino estimates these attacks could have impacted 10 to 15 million unique systems, at a minimum.

Further, the bulk of the attacks didn’t happen in May — but in June. The largest attempt Kyptus Logic thwarted and measured to date was on a well-funded hospital on the east coast.

“It’s very likely the health system is unaware of the attempt,” explained Neino. “Most organizations don’t know they’re being exploited… Because WannaCry is self-propagated, the actors don’t even need to be in existence. The virus continues to proliferate in the actors’ absence.” 

WannaCry was just manifestations among many new kinds of disruptive threats, Symantec CTO Hugh Thompson said. “The threat landscape continues to evolve quickly, not just in technology, but in the social engineering methods used. The explosive growth of attacks like WannaCry and Mirai, demonstrate the need for layered defense.”

All of the security experts pointed to the need to better plan and an added response plan to an organization’s security program. And it’s not necessarily about a need for better technology.

“Cybersecurity is a risk management issue. But many people mistakenly recognize it solely as a tech concern,” said Touhill. “Cybersecurity is a multidisciplinary risk manage issue, and an essential part of a healthy risk management program.”

“We have to be prepared that a determined adversary may get through those initial defenses,” said Thompson added that the U.S. must be prepared to fight a determined adversary that penetrated initial defenses.

“There’s no question that WannaCry was an important event,” he said. “But it won’t be the last. It’s more of an indicator of what’s to come. We lucked out, but next time we won’t be so lucky.”

Twitter: @JessieFDavis
Email the writer: jessica.davis@himssmedia.com


Like Healthcare IT News on Facebook and LinkedIn

Source link

WannaCry hackers just getting started, former federal CISO says

Tags: #Healthcare #Healthcare Info #Healthcare News #Healthcare Recipe #Healthcare Trick #Healthy Lifestyle