A massive worldwide attack on computer systems and networks across the world by the so-called WanaCry ransomware made headlines over the weekend. And for one of the biggest antivirus companies in the world, Prague-based Avast, this is both a wake- up call and a warning to users.
It became aware of the massive ransomware attack across the world early on Friday and it was soon apparent that this was something very different to what had gone before. The attack mostly focused on Russia, Ukraine and Taiwan, but some of its worst effects were soon felt elsewhere such as at dozens of hospitals in Britain or at Spain’s main telecoms company, Telefonica. The main target of the attack was business networks and not individual computers which were a lot less vulnerable.
Jakub Kroustek is Avast’s head of its Threat Lab Team. He explained the particularity of the latest high profile attack:
"Well, the special thing is this is ransomware. And it is still not common for ransomware to act as a computer worm, but this one did. This is the special aspect; that it was trying to spread itself on its own. There were no exploit kits or the other more usual delivery methods."
Avast has been able to protect 200,000 users since the start of the attack, which has helped put ransomware firmly in the malware spotlight. But ransomware attacks – in which users’ files and dossiers are effectively kidnapped with a ransom payment demand made for their release – have already been around for around 20 years, according to Mr. Kroustek. In the last year or two, such attacks have been recognised as the biggest single threat to computers and networks with hundreds of different types of ransomware strains being developed.
Kroustek says that the latest threat had already been on the anti-virus companies radar screen for a while and they had already developed protection against it. One of the reasons though that it was able to spread so far and so fast was that many users had ignored using tabs that had already been developed to counter it.
"In this particular case, there was a fix for this vulnerability available for weeks but we still see large scale spreading because patches were not applied. This is something that users and administrators should do on a regular basis.ʺ
So, many companies were forewarned but they were not fore-armed.
Avast, already one of the leading antivirus companies in the world, put itself at the top of the sector when it announced around a year ago that it would take-over its fellow Czech company AVG. Together they have more than 400 million antivirus customers around the world with major presences on all continents and nearly every market.