Get Tech Support Now - (818) 584-6021 - C2 Technology Partners, Inc.

Tuesday, 16 May 2017 / Published in Woo on Tech

Accidental hero stops the WannaCry assault

Famed painter and TV personality Bob Ross was beloved for his soothing instructional style and effortless technique, but he was also well known for referring to his occasional painting mistakes as “happy little accidents” which would quickly be transformed into art. In the technology industry, “accidents” are rarely happy and even the little ones have a tendency to “go big” way too often, but this past weekend a British security researcher for Ars Technica briefly held back the WannaCry horde purely by accident, possibly long enough for Microsoft to rally and release an out-of-band patch for the old operating systems that were being hit hardest by the malware.

Tell us a story, Woo!

I’d like to say that his exploits would make for a great Hollywood movie, but that would be a happy little lie. Instead, the researcher known as “MalwareTech” registered a domain name he found in the code of WannaCry as part of standard operating procedure. Contemporary malware often uses random/junk domain names to host the command and control infrastructure that directs the activities of its bot armies, and security researchers like our hero often register any unregistered domains they find in malware code in order to “sinkhole” infections and dismantle bot armies built around domains now under the control of the good guys. Think of it as a virtual sting operation. Usually this would put a small dent in the overall cyberattack, but in this case the WannaCry malware stopped in its tracks, because the domain was designed as a kill-switch. Once the malware saw that the domain actually existed on the internet, it was programmed to stop working.
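As an added illustration (not code from the original post or from any researcher it mentions): because the malware itself performs the lookup of the kill-switch domain, resolver logs show which machines ran it even where the kill-switch halted it. The log format, the placeholder domain and the function names are assumptions, and the sample lines are constructed.

```python
import re
from collections import defaultdict

# Assumption: placeholder name. The real kill-switch domain is not given on this page.
SINKHOLED_DOMAINS = {"killswitch-placeholder.example"}

# Constructed resolver log lines in an assumed "ts client=IP query=NAME type=T" format.
SAMPLE_LOG = """\
2017-05-13T09:14:02Z client=10.0.4.17 query=www.example.org. type=A
2017-05-13T09:14:05Z client=10.0.4.23 query=KillSwitch-Placeholder.example. type=A
2017-05-13T09:14:09Z client=10.0.4.31 query=notkillswitch-placeholder.example. type=A
garbled line without fields
2017-05-13T09:20:41Z client=10.0.4.23 query=killswitch-placeholder.example. type=A
2017-05-13T09:21:10Z client=10.0.7.8 query=www.killswitch-placeholder.example type=AAAA
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+)\s+client=(?P<client>\S+)\s+query=(?P<qname>\S+)\s+type=(?P<qtype>\S+)$"
)


def matches_watchlist(qname, watchlist):
    """True if qname is a watched domain or a subdomain of one (case-insensitive)."""
    name = qname.rstrip(".").lower()
    return any(name == d or name.endswith("." + d) for d in watchlist)


def find_sinkhole_lookups(log_text, watchlist=SINKHOLED_DOMAINS):
    """Map each client IP that queried a watched domain to first-seen time and count."""
    seen = defaultdict(list)
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if m is None:
            continue  # skip malformed lines rather than abort the whole scan
        if matches_watchlist(m["qname"], watchlist):
            seen[m["client"]].append(m["ts"])
    # ISO-8601 UTC timestamps sort correctly as strings, so min() is the earliest.
    return {c: {"first_seen": min(ts), "count": len(ts)} for c, ts in seen.items()}


if __name__ == "__main__":
    for client, info in sorted(find_sinkhole_lookups(SAMPLE_LOG).items()):
        print(f"{client}: {info['count']} lookup(s), first at {info['first_seen']}")
```

Every client this reports executed the malware, so it still needs patching and a check for encrypted files even if the kill-switch stopped the run.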

Sadly, this wasn’t the triumphant conclusion to an epic trilogy, but the dark, middle chapter in the ongoing war: shortly after the accidentally won respite, new variants of WannaCry started propagating sans the kill-switch, and the battle was rejoined. Fortunately for the “good guys,” Microsoft issued emergency patches for Server 2k3, Windows XP and several other end-of-life operating systems still in wide use around the world, but this desperate Hail Mary only prolongs the slow slide into complete obsolescence for some companies that foolishly cling to unsupported technology in a classic example of “penny-wise, pound foolish.”

Despite the brief, shining moment of hope, the kill-switch didn’t magically undo the thousands of encrypted hard drives already kidnapped by WannaCry. Unless they have backups of their data, the victims face the hard choice of paying the ransom or wiping it all out and starting from scratch. And even if they are able to restore from backups, will the sting of this attack be enough to galvanize change, or just another Sisyphean trudge up a well-worn hill?

Image courtesy of Stuart Miles at FreeDigitalPhotos.net
