The recent WannaCry ransomware attack, which spread to more than 100 countries, is only the beginning in a series of similar attacks, according to Cătălin Coșoi, head of the Bitdefender’s investigation team coordinating the relations of the company with institutions such as NATO, Europol, Interpol, or national response centers to cyber-security incidents, Agerpres reported.

Romanian group Bitdefender is a global technology security company which provides cyber security solutions to more than 500 million users across businesses and homes in more than 150 countries.

“The WannaCry 1.0 and 2.0 versions, a type of fast-spreading ransomware that blocks the data of the users and then asks for a ransom, are only the beginning in a series of similar, ample attacks, making WannaCry one of the most significant IT threats of the next 12 months. The amplitude of the WannaCry phenomenon can be reduced rapidly if Microsoft decides to push an update to all users who do not use the most recent version of the Windows operating system. This measure has been taken before, and the reach of the WannaCry threat could justify this again, in a controlled and coordinated method, with the support of authorities and of cyber-security companies. Although the measure of updating without the user’s permission would force the limits of current legislation, the Bitdefender expertise in cyber-security has proven that, many times, current regulations do not keep up with the evolution of the criminal phenomenon. This is why cooperation between authorities and the IT security industry is more needed than ever,” Coșoi explained.

The computers in public institutions, hospitals, and other social sector organizations are not usually updated with the most recent OS system, the Bitdefender representative said.

“If the respective terminals are not infected by ransomware now, they will remain vulnerable to other threats, including cyber-attacks sponsored by other states. In the event of such a scenario, ransomware would be a fortunate case, because it produces palpable consequences. On the other hand, the advanced threats used for espionage purposes could exploit the vulnerability of the operating system and systematically steal information for a long time, without being detected,” Coșoi explained.

According to him, one of the most pessimistic scenarios would be that “state actors use the Windows vulnerability to install threats on the infrastructure of other countries.” “Later, attackers could even operate the needed updates and solve various vulnerabilities on devices, so no one else exploits them. This hypothesis represents a plausible scenario as long as the entire attention goes now on preventing the WannaCry ransomware threat, allowing more sophisticated attacks to be built and easily executed and the spread to run without any alarm systems,” he explained.

A global WannaCry ransomware attack took place last weekend, affecting some 100 countries. The attack, which has been called “unprecedented” by Europol, has affected hospitals in Britain and Spanish telecom operator Telefonica, as well as courier service FedEx in the US. Car-maker Dacia had to halt its local production activities because of the attack.

WannaCry is a ransomware attack which exploits a vulnerability of the Microsoft Windows operating system. Once installed on the infected computer, the virus encrypts the users’ files and demands payment in bitcoin to allow the victims to access their data.

Romanian Intelligence Service carries out cyber-security exercise at over 60 institutions

editor@romania-insider.com