The recent WannaCry ransomware swept across the globe with ferocious momentum, severely affecting several organizations and businesses.
Several companies and organizations in China were reported to be affected as well; even PetroChina had more than 20,000 gas stations attacked.
How did the ransomware virus WannaCry manage to spread so freely around the world? And who is responsible?
It all started with the U.S. National Security Agency (NSA), which originally developed a hacking toolkit, Eternal Blue, in the name of national security needs. The toolkit's role was to assist the NSA in its work.
"Eternal Blue" contains a number of tools that exploit Windows vulnerabilities: any Windows server with one of ports 139, 445, etc. open may be hacked, which lets the NSA obtain useful information when necessary.
But the worst part is that one day this NSA hacking toolkit was stolen... A toolkit in hackers' hands will naturally not be used for charity; it was used for ransom, to make a profit.
Because the NSA had not reported the relevant vulnerabilities to Microsoft, it was not until March this year that Microsoft began pushing the relevant security patches to the various versions of Windows on all platforms, but it was too late.
The virus has already wormed its way across the Internet on port 445, and new variants have emerged that have infected more than 200,000 PCs in more than 150 countries.
On infected PCs, important files are directly encrypted and deleted, and the ransomware demands a fixed amount of bitcoins from the PC owner; otherwise the encrypted files can never be opened again (decrypting them would take tens of thousands of years, even with the most computationally powerful computers on the planet).
Reflection for individual users: too clever for their own good
Before the massive outbreak of the WannaCry ransomware, Microsoft had already pushed out security patches in March this year, and even Windows XP and Windows Server 2003, among others, which have long since ended their lifecycles, received updates. So why are a large number of users still being attacked?
The reason is simple, really: these PCs have long since had automatic system updates turned off, and their users routinely ignore the system's update prompts. The worst hit by the ransomware is Windows 7, the system most used by those who consider themselves "computer geeks". Windows 10 was the least affected, as Win10's system updates can't be turned off in the usual way, but only through Group Policy, which keeps most Win10 users on automatic updates.
In the eyes of many, as long as one maintains good Internet and computer habits, the computer will stay safe and secure, and updating the system is a "conspiracy of the operating system vendors".
But what people don't realize is that there are hundreds of ways for a real hacker to make your computer a plaything in his hands, and that a little bit of caution on the part of the average user goes a long way.
There's another voice that's dominant online, and that's "What do I, a little person, have that's worth hacking?" But the truth is that you never know where a hacker's bottom line is. And while WannaCry this time didn't hit computers in home network environments, computer users who are used to letting their hair down in corporate offices were still hit. If anyone's work reports were encrypted for ransom, the boss shouldn't be able to blame it on anyone else.
No one is absolutely safe, and no one is sure to be spared; escaping before was just a fluke. Don't think it's something to brag about that you can turn off Win10 auto-update with Group Policy; it's better to simply update.
Reflection for enterprises: letting staff provide their own systems will go wrong sooner or later
Next is the level of enterprises and organizations. This time, enterprises and institutions, including government departments, were undoubtedly the area hardest hit by the ransomware. The main reasons are obsolete system versions, negligent security management, and even the use of pirated systems.
For a variety of reasons, many enterprises have not kept their internal operating system versions up to date, and are still using versions with weak security or even versions that have already ended their lifecycle (e.g., Windows XP). These systems are the easiest line of defense for any virus to break through, because they no longer receive security updates from Microsoft, and all sorts of security holes open the door for new types of viruses.
But this time Microsoft did push the relevant security patches for Windows XP, Windows Server 2003 and other retired operating systems, and organizations were still hit. That comes down to negligence across the whole enterprise or organization: not paying attention to internal network security protection and not applying system patches in time.
And some companies do not provide employees with a standard enterprise version of the operating system, but let users bring their own; in that case the staff bring a variety of systems, almost all of them pirated. Having such a group of computers connected to the company's network and accessing the company's internal databases is a great risk.
More importantly, in the event of a security incident, the company simply does not have the ability to manage all the computers in a unified manner, and can only ask employees how to operate.
In fact, apart from some of the country's large companies, most companies follow this model of letting employees solve their system problems themselves. The main reason is still to save money. Whether doing so is a gain or a loss in the end, I am afraid they will only find out once important information and data have been stolen or hacked.
So enterprises and organizations should use the latest version of the operating system as much as possible, maintain the security of the internal network, and procure the enterprise version of the system centrally so that they hold control and management authority over all of the company's computers.
National reflection: the need for independent operating systems
Lastly, let's take a look at the government and national level. The most interesting aspect of this whole ransomware incident is the tug-of-war between the NSA and Microsoft. Just as all parties are accusing Microsoft of not doing a good job of preventing and blocking vulnerabilities, Microsoft is also pointing the finger at the NSA.
Microsoft is accusing the NSA of not only failing to report the system vulnerabilities to Microsoft after they were discovered, but instead quietly using the vulnerabilities to develop a whole suite of hacking tools, a suite that actually covers as many as 23 vulnerabilities. This raises the question of whether state agencies have an obligation to report system vulnerabilities to operating system companies after they are discovered.
It's hard to give an answer to this question, because from the state's position, exploiting vulnerabilities or even asking for a backdoor in the operating system is tacitly accepted; it's just that this kind of thing isn't usually done out in the open, and the state certainly doesn't acknowledge it. So if an accident occurs as a result, it's hard to say whether it's the government's responsibility or the operating system company's, or both.
Microsoft belongs to the United States, yet this one country's operating system is used by individuals, businesses, organizations, and national government agencies all over the world.
No one can say what impact this country's operating system might have on other countries and regions under national pressure. This time, a small "Eternal Blue" caused so much trouble on a global scale. What if the one using "Eternal Blue" had been not a hacker organization extorting a little money, but the U.S. National Security Agency with a special purpose?
Today's operating systems can be considered the backbone of a country.
If there is a problem with this backbone, the consequences will be unimaginable, and the bigger problem is that many countries do not have full control over this backbone, because it is a product of another country and the remote control is in the hands of another government.
Perhaps after this incident, the project to develop a domestically owned operating system will be given extra attention, and there will be less cynicism and gossip about it on the Internet, which is a good thing. For a big country, having its own completely independent operating system is a must.
We don't know whether to call it a bad thing or a good thing that one ransomware incident has exposed so many questions and so much negligence.
But either way, the incident has taught the entire Internet community a lesson, and everyone from individuals to businesses to the national level should be able to identify their own problems. If that's the case, WannaCry is a good teacher, just a rather expensive one.