Marcus Hutchins, a British cybersecurity researcher known by the alias MalwareTech, was able to stop the spread of WannaCry’s infection. How? It was simple. He bought a website. Panic was rampant as computers across the nation were hit by the ransomware attack, which has now been tracked to North Korean hackers. WannaCry, as it was nicknamed, targeted both end users and corporate servers. It locked them down and demanded an unlock fee from all of the victims. Worse, the malware would spread the infection to other systems that weren’t yet infected.
Although Microsoft issued an emergency patch for the XP series, the patch came too late for many, who already had the malware and couldn’t move forward without paying the fee. Finally, it was broken by a single white-hat hacking expert. At the time WannaCry gained its notoriety, the 22-year-old had been studying the code responsible for the pandemonium so that he could understand it. After he noted that an infected system contained a specific set of instructions directing it to check a gibberish URL, he focused on what that URL was. He let some curiosity take over and registered the domain name it mentioned for just $10, which bought security researchers valuable time in which they could kill off and stop the virus.
Experts now believe that the initial WannaCry infections were carried out through a number of phishing attacks via email or by exploiting network security holes. Then the malware would spread itself through the Windows vulnerability. It seems that the malware’s creators programmed a “kill switch” in case they had to deactivate the infection. So WannaCry would check the fake URL every time it infected a computer. As long as the fake URL wasn’t live, it would continue infecting and reinfecting.
Fortunately, once Hutchins registered the domain, the malware stopped, because it now had a real URL to go to. Even if the already infected systems stayed on lockdown, others could save their systems. It gave many people time to update and apply the patch before their computers were infected. Thousands of potential victims were saved from the WannaCry malware thanks to this one domain being registered.
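The kill-switch check described above also leaves a trace defenders can use: every machine that ran the malware looked up that domain. The following is an added example, not code from the original article or from any researcher named in it; the domain is a placeholder because the article does not give the real one, and the resolver log format and sample lines are constructed.

```python
from collections import defaultdict

# Placeholder: the article does not name the real domain; substitute it here.
KILL_SWITCH_DOMAIN = "killswitch-placeholder.example"

# Constructed sample resolver log (assumed format: time client qname rcode).
SAMPLE_LOG = """\
2017-05-12T09:14:02Z 10.0.4.17 killswitch-placeholder.example. NXDOMAIN
2017-05-12T09:14:05Z 10.0.4.22 www.example.org. NOERROR
2017-05-13T08:01:44Z 10.0.7.3 KILLSWITCH-PLACEHOLDER.example. NOERROR
2017-05-13T08:02:10Z 10.0.4.17 killswitch-placeholder.example. NOERROR
2017-05-13T08:05:31Z 10.0.9.8 killswitch-placeholder.example. SERVFAIL
malformed line
"""

def triage(log_text, domain=KILL_SWITCH_DOMAIN):
    """Return {client: status} for every host that looked up the domain.

    'unprotected' - at least one lookup failed, so the check found no live
                    site and the malware would have carried on
    'halted'      - every lookup resolved (DNS only; confirming the web
                    request itself succeeded needs proxy or firewall logs)
    Either way the host ran something that performs the check, so both
    groups need investigation and patching.
    """
    target = domain.rstrip(".").lower()
    results = defaultdict(list)
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue  # skip lines that do not match the assumed format
        _ts, client, qname, rcode = parts
        if qname.rstrip(".").lower() == target:  # DNS names are case-insensitive
            results[client].append(rcode.upper())
    return {
        client: "halted" if all(r == "NOERROR" for r in rcodes) else "unprotected"
        for client, rcodes in results.items()
    }

if __name__ == "__main__":
    for client, status in sorted(triage(SAMPLE_LOG).items()):
        print(f"{client}\t{status}")
```

Hosts in the "unprotected" group are the priority: the lookup failed for them, whether because it happened before the domain was registered or because local DNS filtering blocked it.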
Sadly, the next time it comes around, there will be a newer version, and it may not be as easy to eradicate. It may lack the safety kill switch that its predecessor had. So cybersecurity warriors are hard at work tracking down the WannaCry source. They are busy patching holes and upgrading all of their security to ensure that they can’t be victims and that no one else has to be a victim either. Many people aren’t familiar with security systems and thus are unprotected. They’re not familiar with the perpetrators and don’t have any means to stop such attacks. However, security experts are working hard to stop any would-be attacks.