The WannaCry Ransomware crippled major Russian banks, the Russian Central Bank said on Friday, in its first official acknowledgment by Moscow that the attack had a major impact on the banking system.
In an official statement, the central bank said the consequences of the ransomware attack had been dealt with quickly. Previously, the central bank said Russian banks were targeted in a cyberattack last week, although, the attack had been largely unsuccessful as no data had been compromised.
WannaCry ransomware, also called WannaCrypt, appears to use a security flaw in Microsoft’s software, discovered by the National Security Agency and leaked by hackers, to spread quickly across networks locking down files.
A British security expert managed to stop the attack by triggering a “kill switch,” although the ransomware has continued to create havoc. Microsoft released a security patch in March, but over than 20% of Russian users have not updated their OS.
Sberbank, Russian’s largest bank released a separate statement confirming the integrity of its network. “The cybersecurity systems have discovered attempts to infect the bank infrastructure in due course. The bank network is protected from such attack. No virus infection happened,” it said.
One Nation’s Love for Pirated Software
Russia’s reputation as a cyber-savvy nation dwindles as the nation remains vulnerable to the code hidden inside the email attachments. Over half of the 200,000 ransomware attacks targeted Russian users. This is largely because at the helm of the attack is the country’s aging computing infrastructure and a sloppy approach to cybersecurity. Also, Russian computer users commonly use unlicensed (pirated) or outdated version of Windows OS, and thus are not privy to security updates.
Another reason is Russian user’s complacent reliance on facile anti-virus defenses. It’s alarming how the cyber-savvy Russians haven’t yet updated to advanced defenses with the ability to scan incoming email for potential security threads.
Cybersecurity researchers are yet to determine the origin of the WannaCry ransomware. However, it is clear from the number of nations affected that the intended attacks were global. The ransomware proliferated quickly across 150 countries, affecting 200,000 computers, according to Europol, the European Union’s police agency.
Last week, Russia’s Interior Ministry confirmed attacks on about 1,000 computers using Windows OS.
Researchers believe the attack is the work of a richly funded criminal organization, given the nature of sophistication it involves. The ransomware has translations for several languages, displaying instructions for paying the ransom in the language set for that computer.