WannaCry is unique because \

WannaCry is unique because "it is a huge attack coming from everywhere".

Robust ransomware WannaCry made headlines over the weekend for infecting thousands of computers worldwide. While attacks have slowed down, the extent of the local impact is still not clear.

ITWeb spoke to cyber security professionals at ITWeb Security Summit 2017 taking place in Midrand, to find out what they thought of the virus.

Danny Myburgh, MD of Cyanre, a computer forensic lab, says he had spoken to two firms at the summit which said they had small clients affected.

"But it sounds a bit cloak-and-dagger, as names of the companies were not mentioned. There is a lot of uncertainty regarding the actual impact in South Africa."

He did say there has been a flood of marketing around it though, with companies trying to sell products and services on the back of the hype. Myburgh believes businesses should open up about if they were attacked.

He says this is because: "We finally have the attention of board directors to the importance of cyber security, but if we are not showing them case studies or information then they will not believe us next time."

Jakes Jansen, incident response senior manager at Cyanre, says he did not receive any calls over the weekend from customers to say they had been affected, but a few asked how they can protect themselves against it.

Jansen says the ransomware is unusual because of the way it propagates, through a Windows vulnerability, but it can still infect individual computers through suspicious links and other nefarious ways.

Andrew Bushby, UK director of sales at Fidelis Cybersecurity, says the company has had clients who have isolated the malware before it spread through their systems.

He says WannaCry is unique because it is a huge attack coming from everywhere, where normally it would be cyber criminals attacking one particular company. He says the scale of the attack cannot be coming from one person.

Fidelis issued a report on the virus this week and noted WannaCry "is the first true Internet-scale worm − one that can self-propagate over networks − observed since Conficker in 2009".

Paul Roberts, also from Fidelis Cybersecurity, says in cyber hacking, there is an unwritten rule that ‘you do not hit healthcare services' and these were among the worst affected in the UK.

This suggests, he says, it might have spread to the National Health Service in the UK by accident, and highlights how dangerous a worm of this nature can be.

Fidelis says even though the attacks seem to be abating, it is being modified and more versions will be seen.

"No longer is cyber security a luxury, it is a necessity."

Maiendra Moodley, financial systems and processes head of department at SITA, says there has been huge interest in WannaCry from government and individuals.

Maeson Maherry, solutions director at LAWtrust, says the attacks highlight why it is important to encrypt information in-house, before it is encrypted by malware.

He says this way, if information is stolen, it can't be analysed or used afterwards.

Over 200 000 organisations and private individuals were reportedly hit in 150 countries since last week Friday with the first wave of the WannaCry ransomware.

The malware exploited a now patched Microsoft Windows vulnerability which was held back from the computing company by the US National Security Agency and revealed in the Shadowbrokers dump in March.

It requires no human interaction for the virus to be activated on a system, which differentiates it from other ransomware files which need users to click on suspicious links.

This means all computers that did not run the latest patch pushed by Microsoft in March are vulnerable.

Those who have been attacked by the virus are encouraged not to pay, but instead restore their computer from a previous backup.