Reading:
The WannaCry hacking’s “accidental hero”
Share:
wannacry accidental hero

Data Leak Lawyers - Begin Your Data Breach Claim Today!

Sign-up to a data breach claim today - use our quick and easy form to begin your claim for thousands of pounds in compensation.

Start Your Claim
Your privacy is extremely important to us. Information on how we handle your data is in our Privacy Policy

solicitors regulation authority

The WannaCry hacking’s “accidental hero”

The hack against NHS systems and other organisations across the globe last Friday (12th May 2017) panicked many across the world, and seriously hampered our NHS’ ability to provide lifesaving care.

It has since emerged that one cyber-security expert managed to kill of the ransomware that was hacking into systems across the globe, and it was practically achieved by accident…

Unsung hero

A cyber-security blogger who identifies himself as MalwareTech revealed in his blog (www.malwaretech.com) how he worked his magic to shut down the WannaCry attack, also known as WannaCrypt malware.

The malware managed to shut down parts of the NHS systems as well as infecting computers across 150 countries, including Russia, the U.S., and China.

Users were ordered to pay ransoms to recover full control of their devices.

As the cyber-attack was so vast, it’s impossible to put an exact figure on the cost. However, BBC analysts suggest that cyber-hackers have already been paid the equivalent of £22,080.00.

How the malware was stopped

MalwareTech noted that it was partly accidental when he helped stop the attach when he registered a domain with the intention of tracking the malware. Instead, the domain that he had registered had actually disabled the malware as well as allowing them to track it. In his words: “it killed two birds with one stone.”

He said that he bought the domain as a means to check to see if the malware was running on an antivirus environment – which only cost him $10.69 (£8.29). By registering the domain, it triggered the check and so all of samples thought they were running on an antivirus environment and “they all just quit”. In more technical terms, the domains are pointed towards a sinkhole server which is designed to “capture malicious traffic” and prevent cyber-criminals from having further control of the infected computers.

He didn’t actually intend to kill off the malware. He explained that the domain was purchased because Kryptos logic, an LA-based threat intelligence company that he works for, tracks “botnets”. By registering the domain, he hoped to get a deeper understanding of how the botnet was spreading:

“The intent was to just monitor the spread and see if we could do anything about it later on.”

When it transpired that the 22 year-old managed to kill the malware, he said that he experienced a rollercoaster of emotions which included panic, confusion and ‘jumping around with excitement’ when he accidentally triggered the ‘kill switch’.

The expert told the Guardian:

“I was out having lunch with a friend and got back about 3pm and saw an influx of news articles about the NHS and various UK organisations being hit. I had a bit of look into that and then I found a sample of the malware behind it, and saw that it was connecting out to a specific domain, which was not registered. So I picked it up not knowing what it did at the time.”

Is this cyber-attack just the beginning?

Sadly, the joy may be short-lived. The anonymous hero has warned that his actions have only stopped one sample of the ransomware and that the attack could be rebooted by cyber-attackers.

He noted that the cyber-criminals will “change the code and start again”. He warned, “there is nothing stopping them from removing the domain check and trying again, so it’s incredibly important that any unpatched systems are patched as quickly as possible.”

This should be a real kick up the backside for organisations across the U.K., sadly that’s not a reality for many, more attacks are imminent.

The content of this post/page was considered accurate at the time of the original posting and/or at the time of any posted revision. The content of this page may, therefore, be out of date. The information contained within this page does not constitute legal advice. Any reliance you place on the information contained within this page is done so at your own risk.

We offer genuine No Win, No Fee agreements for our clients. Why we do this is simple:

Leading Data Breach Lawyers
Our experience speaks for itself.
We will fight for your right to compensation.
Access to Justice
As a victim of a data breach or hack, you deserve your chance to get access to justice.
Risks Assessment
We carefully risk assess your case and take it on if we think we have a good chance of winning the claim.

Request A Callback From Our Team

Fill out our quick call back form below and we'll contact you when you're ready to talk to us.

Your privacy is extremely important to us. Information on how we handle your data is in our Privacy Policy
SRA
Contact
www.dataleaklawyers.co.uk is © of Your Lawyers Limited - we are 'Authorised and Regulated by the Solicitors Regulation Authority (SRA number 508768)'
arrow-up icon