Today, my friend in the UK alerted me that his social media accounts were terribly hacked. He lost all his Google pictures and the hacker tore down his Facebook, Twitter, and Instagram accounts. That’s just the tip of the iceberg.

Last Friday, many National Health Service (NHS) hospitals in the UK were hacked, with ransom demands for payment. Surgeries were cancelled, x-rays were lost, and lab results and even patient records were not available. So far, no one has claimed responsibility. Experts say it was inspired by a tool kit that the Pentagon’s National Security Agency leaked out in 2016.

Known as “WanaCrypt0r 2.0” ransomware, it is being called a “cyber apocalypse,” affecting over 20 British hospitals and major companies worldwide. The top affected countries are Russia, Ukraine and Taiwan. Many report it will take “days” to clean systems.

Apparently Microsoft Windows has a bug in the operating system, and the malware, Wanna Decryptor or WannaCry, was spread through email phishing. A worm, it moves through security holes to attack the network and disable the entire system. It shuts down the entire system and all its files until a ransom is paid to the hackers.

Reports say the National Security Agency/Central Security Service (NSA/CSS), the “home to America’s codemakers and codebreakers,” leaked an NSA tool kit that showed a weak point in Windows systems and how it could be attacked. Whoever carried out the cyberhack reportedly did not use the actual NSA ransomware tool, and the NSA had nothing to do with it, according to experts.

The unprecedented attack has now hit over 100 entities:

  • China: secondary schools, universities
  • Nissan
  • Renault
  • Germany: railway information screens
  • Russia: Interior Ministry
  • Russia: Central Bank (they said the attack was stopped)
  • Spain: Telefonica telecom, Madrid headquarters
  • USA: FedEx headquarters in Memphis, Tennessee
  • UK: NHS Hospitals

We can all thank England’s @malwaretechblog on Twitter, a 22-year-old UK cybersecurity researcher, for purchasing a domain name found in the malware so he could track it. With help from Darien Huss of security firm Proofpoint, his site acted as a “kill switch” against further spread. @malwaretechblog works for Kryptos Logic in LA and reportedly lives at home with his parents.

Microsoft Official Remedy: reports say it is pushing out Windows updates to defend systems from the software. Unrelated, on May 10, 2017, two days before the attack, Microsoft posted two Malicious Software Removal Tools, found here: https://www.microsoft.com/en-us/download/malicious-software-removal-tool-details.aspx

The Malicious Software Removal Tool comes in a 32-bit and a 64-bit version for PCs.

Mac users generally don’t have to worry about this cyberattack because Macs come with Mac OS X, a different system. However, Apple’s Boot Camp allows installation of Windows, but one would have to specifically do that download; many users don’t like it because only one operating system can be used at a time.

Ransom demands on Friday were for $300 in Bitcoin. This isn’t the first time it has happened – here in Southern California, Hollywood Presbyterian Medical Center paid over $17,000 to hackers. And hackers are cutting into healthcare patient records, a crime that went up by 11,000% last year.

~ ~ ~

An NBC News article reports that in February 2015, Anthem said hackers stole 80 million medical records, together with Social Security numbers, names, birthdays, and of course, medical insurance card numbers. Then in March 2015, Premera Blue Cross announced hackers stole as many as 11 million medical records.

That means as many as 1 in 3 US health care records are compromised, and most people don’t know how widespread the problem is. NBC News 2015 estimates that 100 million patient records were stolen last year. Hackers go online to brag about the theft, or to advertise that you can start over “to get a brand new healthcare plan for yourself.”

Hackers reportedly steal medical records for self-serving purposes: to order prescriptions, pay for treatments and even get surgery! They also take it one step further and file false tax returns. So read up on protections below:

Avoid getting hacked by taking security precautions:

  • Use good passwords.
  • Never use the same email account for banking and shopping.
  • Upgrade security settings.
  • Watch your Google hosting sites.
  • Use PIN codes on your IRS returns.
  • Save all your internet and computer images & important documents onto a hard drive.
  • Reset your passwords.
  • Avoid giving out even the last four digits of your Social Security number to doctors’ offices and hospitals.
  • Don’t open email from a sender that you don’t know.
  • Updating with Microsoft isn’t enough – right? Doesn’t that sound like too simple a solution?

The “Accidental Hero”

MalwareTech, the 22-year-old who stopped the attack, said,

“Warning for Monday: if you turn on a system without the MS17-010 patch and TCP port 445 open, your system can be ransomwared.”

Then he opened a new Twitter account, @MalwareTechLab.

THE SOLUTION:

Here’s the link from @MalwareTechLab’s tweet, which goes directly to Microsoft’s page with the latest guidance:

https://blogs.technet.microsoft.com/msrc/2017/05/12/customer-guidance-for-wannacrypt-attacks/

Finally, you know how much I like Twitter. You can follow people in this story by going here:

MalwareTech Personal: https://twitter.com/MalwareTechBlog

MalwareTech Lab: https://twitter.com/MalwareTechLab

NSAGov: https://twitter.com/NSAGov

~ ~ ~

This story is rapidly gaining ground, so be sure to share. It’s best to go to Twitter directly for the latest news from the “Accidental Hero,” who needs cheering up, as people who mistakenly thought he caused the problem are already hassling him, ya know.

So cheers to you, too!

References:

http://www.businessinsider.com/how-22-year-old-stopped-global-cyberattack-ransomware-registering-domain-2017-5?r=US&IR=T&IR=T

http://www.nbcnews.com/news/world/national-health-service-cyberattack-hits-english-hospitals-hackers-demand-bitcoin-n758516

http://www.nbcnews.com/tech/security/big-paydays-force-hospitals-prepare-ransomware-attacks-n557176  

http://www.nbcnews.com/news/us-news/hacking-health-care-records-skyrockets-n517686

http://www.nbcnews.com/news/us-news/electronic-medical-records-latest-target-identity-thieves-n365591