EO Johnson Blog

WannaCry! Here’s the Screen That Created the ‘Scream’ Heard Around the World

Written by Shannon Mayberry | Fri, May 26, 2017

Ransomware threats, like WannaCry, are hitting small businesses at an all-time high pace. Ryan Olson, director of a cyber security threat intelligence team in Palo Alto says, “Small businesses are frequently a more appealing target for ransomware because they sit at the juncture of money and vulnerability. They have more money than individuals, but being small companies, they lack the more sophisticated defenses that larger companies have.”

Take a close look at the English version of ‘WannaCry’ that highjacked computer systems in more than 150 countries on May 12—including many small businesses. When it appeared on their computer screens, it was cleverly constructed to keep victims on task to do ‘exactly’ as they bid.  Note that every word and visual is knife-point sharp to create hyper-urgency.

Headlines lead you right to the “pay us or else” line.

  • What happened to my computer? (Raises the blood pressure of the victim immediately!)
  • Can I recover my files? (Here’s a hint: probably not.)
  • How do I pay?

Digital clocks push the panic buttons even higher.

  • Two digital tickers insure you’ll move fast!
    • Clock one = means pay (by bitcoin) or the price goes higher.
    • Clock two = gives the exact time your data will be lost forever.
  • Most people don’t use bitcoin so instructions are given on how to get it. (FYI, bitcoin is the currency of the internet created in 2009 by an unknown person using the alias Satoshi Nakamoto. Transactions are made with no banks involved. No transaction fees. No need to give your real name.)

What does the FBI say?

According to FBI Cyber Division Assistant Director James Trainor, ransomware hackers create huge security challenges because they’re always evolving. As an example, they can now bypass the need for an email user to click on a link by placing malicious code in legitimate websites—taking advantage of unpatched software on end-user computers.

Trainor says, “There’s no one method or tool that will completely protect you or your organization from a ransomware attack. But, contingency and remediation planning is crucial to business recovery and continuity—these plans should be tested regularly.”

We certainly agree with that conclusion.

Our advice to anyone looking to provide a secure IT infrastructure is that multiple layers of security are required because there’s no single silver bullet.  It takes expertise and multiple systems working in tandem to provide a real defense.  And planning for the worse-case scenario of a major security incident is a smart business move because the odds are high that every business will have to deal with a breach at some point.

Partnering with a Managed Security Service Provider is your best protection.

As the FBI affirms, cyber threats are constantly evolving, placing all businesses—and most especially, small businesses in danger. Because cybersecurity is so highly specialized, more and more small to mid-size companies are partnering with managed security service experts who have the right tools to implement a full “layered security” program to provide multiple defensive measures that are able to react quickly to attempted breaches and keep your business as safe as possible.

But, don’t wait until the next newspaper headlines announce a major security threat—by then it’s too late!  Make a call today to an MSSP. They can tell how a hacker sees your system and how to minimize risk.  Learn what  they can do to minimize your risks from ransomware and other breaches. They’re the ‘crime watchers’ of our time—and fully engaged in the protection of businesses under their watch.  While Do it Yourself, or DIY, is popular today for fixing up your home, DIY is not a good idea for cybersecurity, help is available from cybersecurity experts, but it is up to each business to seek out that help…before it is too late.