On May 12th, 2017 i.e almost two years ago, around 250,000 computers were infected by a malware called WannaCry which encrypted data on the systems causing billions of losses to companies and individuals. The malware spread was so quick that thousands of computers operating in over 150 countries were infected by the virus within a time period of just 3 days giving cybercrooks a chance to make millions within no time.
Hospitals across UK belonging to NHS were the worst hit in the cyber attack forcing the government to declare a partial emergency in the state to tackle the situation.
Government systems, railway networks and private companies operating across the globe were the worst hit in the attack.
Later an investigation launched by US FBI in coordination with CIA discovered that the malware was developed by a hacking group from North Korea who somehow got hold of the hacking tools developed by National Security Agency and manipulated it a bit to create a cyber weapon called WannaCry Ransomware.
Cybersecurity Insiders later learned that the hackers exploited an NSA backdoor called ‘DoublePulsar’ to create a persistent backdoor from Microsoft Vulnerability called Eternal Blue.
Now, after two years of the cyber attack, the data generated by search engine Shodan says that still over 1.7 million of internet-connected devices are vulnerable to the NSA Tool exploits exposing them to more malware attacks such as WannaCry and NotPetya Ransomware.
In the US alone, more than a million devices are estimated to be prone to infection driven attacks.
A security researcher named Jake Williams found that the ransomware which infected the IT Infrastructure at the Atlanta city was created from the NSA Tools.
Williams also drew a conclusion that the Eternal Blue vulnerability found in Microsoft operation systems by NSA can be repurposed in such a way that more connected devices can be infected by innovative malware such as cryptocurrency mining codes.
So, the cyber threat on the impact scale still seems to be very high and the only way to handle the situation is by following basic cybersecurity hygiene like taking regular backups, use anti-malware solutions to monitor cyber risks, keep the systems patched with the latest security updates and never bow down to the financial demands of hackers as it will deteriorate the situation by encouraging their deeds.