An extensive worldwide cyber attack was stopped in its tracks by a 22-year-old British cybersecurity researcher.
Before it was thwarted using a simple domain registration, the attack had affected a large number of major government, financial and health service networks in North and South America, Asia, Europe Africa and Australia.
Clip via Fox News Channel
The attack, which was an attempt to extort millions from the affected entities, was stopped when the researcher, identified only as “MalwareTech,” discovered the “kill switch” and put an end to the scheme.
“US President Donald Trump ordered homeland security adviser, Tom Bossert, to hold an emergency meeting Friday night to assess the threat posed by a global computer ransomware attack in at least 150 countries, a senior administration official told Reuters,” according to the Jerusalem Post.
In a blog post describing the incident, MalwareTech said he first became aware of the attack when the UK’s national health system became affected, putting an end to his vacation.
“I made it a total of 4 days without working, so there’s that,” he said.
He continued:
When I returned home at about 2:30, the threat sharing platform was flooded with posts about various NHS systems all across the country being hit, which was what tipped me of to the fact this was something big. Although ransomware on a public sector system isn’t even newsworthy, systems being hit simultaneously across the country is (contrary to popular belief, most NHS employees don’t open phishing emails which suggested that something to be this widespread it would have to be propagated using another method). I was quickly able to get a sample of the malware with the help of Kafeine, a good friend and fellow researcher. Upon running the sample in my analysis environment I instantly noticed it queried an unregistered domain, which i promptly registered.
My blog post is done! Now you can read the full story of yesterday’s events here:https://t.co/BLFORfM2ud
— MalwareTech (@MalwareTechBlog) May 13, 2017
But MalwareTech, am independent researcher, wasn’t working alone on this one. He’s part of a global cybersecurity community. Darien Huss, a 28-year-old Western Michigan engineer for Proofpoint, was also working furiously on the problem.
Huss noticed that the extorters left a kill switch in their coding and shared it on Twitter. That brought the two of them together. This is what the pair had discovered:
“That registering the domain name and redirecting the attacks to MalwareTech’s server had activated the kill switch, halting the ransomware’s infections,” Fox News reported.
Check out this NYT post, they made a really cool time based map with my data https://t.co/K7lVjagq29
— MalwareTech (@MalwareTechBlog) May 13, 2017
Eventually the entire cybersecurity community, including Huss, described MalwareTech the hero in the incident.
“I think the security industry as a whole should be considered heroes,” Huss said, but also cautioned others that the criminals could re-launch the extortion scheme — this time without a kill switch, or a better hidden one.
“I think it is concerning that we could definitely see a similar attack occur, maybe in the next 24 to 48 hours or maybe in the next week or two,” Huss said. “It could be very possible.”
Those outside the cybersecurity community also gave their thumbs up.
Wake up right! Receive our free morning news blast  HERE
@FoxNews Give that kid a medal and an unlimited supply of hot pockets and Xena tapes?✌? pic.twitter.com/sDsUatpLNZ
— Lee Ardis (@lee_ardis) May 14, 2017
@FoxNews Wow ?
@FoxNews All those businesses should pay the guy $1,000 each … He’ll be set for life!
— Gary (@AskGoo) May 14, 2017
!!!— Susan (@sueinwny) May 14, 2017
@FoxNews All those businesses should pay the guy $1,000 each … He’ll be set for life!
— Gary (@AskGoo) May 14, 2017
And a few others believed it was time to turn things around with a new hiring blitz.
@FoxNews The FBI and the CIA should be openly soliciting young computer wizards for their hacking skills and paying them well.
— Ralph Jinks (@Xpress39) May 14, 2017
@FoxNews Honestly, our cyber team should be all under 25 years old. Instead these bloated agencies are run by dinosaurs #draintheswamp
— The New Treasury (@TheNewTreasury) May 14, 2017
The ransomware took advantage of a vulnerability in Microsoft Windows, first reported by the National Security Agency.
DONATE TO BIZPAC REVIEW
Please help us! If you are fed up with letting radical big tech execs, phony fact-checkers, tyrannical liberals and a lying mainstream media have unprecedented power over your news please consider making a donation to BPR to help us fight them. Now is the time. Truth has never been more critical!
- ‘Act like a grownup’: Drunk driver sobs when she loses plea deal by coming 4 hours late to court - July 23, 2017
- ‘I would’ve fired her the day I met her’: Glenn Beck reveals more about Tomi Lahren mess - July 23, 2017
- Canadian thug beats 74-year-old cyclist bloody with a club in road rage fit– and they say US is more violent? - July 23, 2017
Comment
We have no tolerance for comments containing violence, racism, profanity, vulgarity, doxing, or discourteous behavior. If a comment is spam, instead of replying to it please click the ∨ icon below and to the right of that comment. Thank you for partnering with us to maintain fruitful conversation.
BPR INSIDER COMMENTS
Scroll down for non-member comments or join our insider conversations by becoming a member. We'd love to have you!
