Computer Security - (Assignment)
Added on 2022-08-12
15 Pages2875 Words18 Views
Running head: COMPUTER SECURITY
COMPUTER SECURITY
Name of the Student:
Name of the University:
Author note:
COMPUTER SECURITY
Name of the Student:
Name of the University:
Author note:
COMPUTER SECURITY1
Part A: WannaCry
(1) WannaCry is a Cryptoworm and Ransomware virus. This only attacks the computer
system running on the Microsoft windows. The devastating effect of the virus encrypts all
the information in the system which then becomes in accessible by the authentic users as
well. For the hackers to act on a system with the WannaCry virus, all he or she has to do
is to convince the user in downloading a malicious file which just by opening causes the
encryption of all the data and information in the system within three seconds, making it
completely invincible in terms of stopping the attack (Mohurle and Patil 2017). In order
to give the key to the encryption back, a high ransom is demanded from the company
using the operating system by the hackers.
(2) Within just days of its discovery, it was successful in affecting thousands of systems in
150 countries across the globe. It has a huge impact on global economy. A sum of around
$ 4 Billion loss was suffered by the companies across the world. Not only that, the
systems crippled instantly without any ones knowledge making it one of the toughest
thing to stop. As mentioned earlier, the time taken for the whole thing to affect the device
or the system is only three seconds, which is too less to prevent any attack in the world.
Even after 3 years of the alleged incident, we are still under a continuous threat of the
WannaCry virus (Martin et al. 2018).
(3) United States National Security Agency developed EternalBlue. This is one of the cyber-
attack developed by the NSA was leaked by a group of hackers named Shadow Brokers
on the 14th of April, 2017. Based on this cyber-attack technique, the WannaCry was
developed. The leaked technique of the NSA was weaponized by the hackers for their
benefits. Microsoft released the patches for Eternalblue to enhance the information
Part A: WannaCry
(1) WannaCry is a Cryptoworm and Ransomware virus. This only attacks the computer
system running on the Microsoft windows. The devastating effect of the virus encrypts all
the information in the system which then becomes in accessible by the authentic users as
well. For the hackers to act on a system with the WannaCry virus, all he or she has to do
is to convince the user in downloading a malicious file which just by opening causes the
encryption of all the data and information in the system within three seconds, making it
completely invincible in terms of stopping the attack (Mohurle and Patil 2017). In order
to give the key to the encryption back, a high ransom is demanded from the company
using the operating system by the hackers.
(2) Within just days of its discovery, it was successful in affecting thousands of systems in
150 countries across the globe. It has a huge impact on global economy. A sum of around
$ 4 Billion loss was suffered by the companies across the world. Not only that, the
systems crippled instantly without any ones knowledge making it one of the toughest
thing to stop. As mentioned earlier, the time taken for the whole thing to affect the device
or the system is only three seconds, which is too less to prevent any attack in the world.
Even after 3 years of the alleged incident, we are still under a continuous threat of the
WannaCry virus (Martin et al. 2018).
(3) United States National Security Agency developed EternalBlue. This is one of the cyber-
attack developed by the NSA was leaked by a group of hackers named Shadow Brokers
on the 14th of April, 2017. Based on this cyber-attack technique, the WannaCry was
developed. The leaked technique of the NSA was weaponized by the hackers for their
benefits. Microsoft released the patches for Eternalblue to enhance the information
COMPUTER SECURITY2
security, but the tool was already in use by the hackers which affected the entire
European companies and other Middle Eastern country’s companies as well.
(4) The Server Message Block or the SMB protocol was mainly exploited by EternalBlue by
NSA which when leaked was also misused by the infamous Ransomware- WannaCry.
This immediately stopped the access of the authentic users around the world form
accessing their information. The entire systems crippled in companies and other
institutions. All though the patch was immediately delivered by the Microsoft
Corporation which helped in fixing the issues to a certain extent (Mattei 2017).
(5) The CVE number for the issues related to EternalBlue is CVE-2017-1044. CVE Stands
for Common Vulnerabilities and Exposure.
CVE-2017-18346 for the SQL injection vulnerabilities, Fix Information, Vulnerable
Software Versions, SCAP Mapping and others.
CVE-2017-18601for CPE Information, Vulnerable Software Versions, CVSS Severity
Rating.
CVE-2018-6318 for the Sophos Tester Tool 2.2.0.7 for testing exploit software, hijacking
attack, and similar.
CVE-2018-19589 for the Incorrect Access Controls of the Security Officer.
CVE-2017-18362 for the management of the IT integration for the Kaseya VSA. This is a
vulnerability that is operated from the remote access and allows the attacker to access the
databases directly without any hindrance.
(6) Apart from the NHS (National Health Security USA), there are numerous organizations
that were affected by the WannaCry which includes some of the infamous companies as
well. the list of the companies are given in the section below:
security, but the tool was already in use by the hackers which affected the entire
European companies and other Middle Eastern country’s companies as well.
(4) The Server Message Block or the SMB protocol was mainly exploited by EternalBlue by
NSA which when leaked was also misused by the infamous Ransomware- WannaCry.
This immediately stopped the access of the authentic users around the world form
accessing their information. The entire systems crippled in companies and other
institutions. All though the patch was immediately delivered by the Microsoft
Corporation which helped in fixing the issues to a certain extent (Mattei 2017).
(5) The CVE number for the issues related to EternalBlue is CVE-2017-1044. CVE Stands
for Common Vulnerabilities and Exposure.
CVE-2017-18346 for the SQL injection vulnerabilities, Fix Information, Vulnerable
Software Versions, SCAP Mapping and others.
CVE-2017-18601for CPE Information, Vulnerable Software Versions, CVSS Severity
Rating.
CVE-2018-6318 for the Sophos Tester Tool 2.2.0.7 for testing exploit software, hijacking
attack, and similar.
CVE-2018-19589 for the Incorrect Access Controls of the Security Officer.
CVE-2017-18362 for the management of the IT integration for the Kaseya VSA. This is a
vulnerability that is operated from the remote access and allows the attacker to access the
databases directly without any hindrance.
(6) Apart from the NHS (National Health Security USA), there are numerous organizations
that were affected by the WannaCry which includes some of the infamous companies as
well. the list of the companies are given in the section below:
COMPUTER SECURITY3
FedEX
Nissan
Russian Railway System: The systems froze and the telecommunication units
stopped working completely.
Hitachi: The Company suffered as well but the loss was not as much.
Chinese Public Security Bureau: the Information data base of the public security
was completely sabotaged. The information were inaccessible along with
numerous other problems occurring in the systems as well (Branquinho 2018).
(7) The infamous cryptoworm, the WannaCry is one of the most widely spreading virus in
the year of 2017 compromising around a billion of computers around the world. The
virus spread rapidly resulting in the compromised system with denial of authorized
access. This has resulted in the financial loss of around $ 4 billion in the global economy.
Mostly the European and the middle-eastern countries were affected; however it was
originated from the leaked technology of the United Stated NSA’s EternalBlue
technology being hacked by the Shadow Broker attacking group. In order to prevent that
from occurring, it is necessary to undertake few steps and they are:
Staying updated all the time. The attacks were mainly observed in the Windows
system, thus new security patch levels are frequently updated such that the
systems can stay protected.
Avoid opening files and sites from the unprotected websites, as they can be the
host of the virus.
Backing up of the data is also one of the ways in which the hazard due to
WannaCry can be prevented.
FedEX
Nissan
Russian Railway System: The systems froze and the telecommunication units
stopped working completely.
Hitachi: The Company suffered as well but the loss was not as much.
Chinese Public Security Bureau: the Information data base of the public security
was completely sabotaged. The information were inaccessible along with
numerous other problems occurring in the systems as well (Branquinho 2018).
(7) The infamous cryptoworm, the WannaCry is one of the most widely spreading virus in
the year of 2017 compromising around a billion of computers around the world. The
virus spread rapidly resulting in the compromised system with denial of authorized
access. This has resulted in the financial loss of around $ 4 billion in the global economy.
Mostly the European and the middle-eastern countries were affected; however it was
originated from the leaked technology of the United Stated NSA’s EternalBlue
technology being hacked by the Shadow Broker attacking group. In order to prevent that
from occurring, it is necessary to undertake few steps and they are:
Staying updated all the time. The attacks were mainly observed in the Windows
system, thus new security patch levels are frequently updated such that the
systems can stay protected.
Avoid opening files and sites from the unprotected websites, as they can be the
host of the virus.
Backing up of the data is also one of the ways in which the hazard due to
WannaCry can be prevented.
End of preview
Want to access all the pages? Upload your documents or become a member.
Related Documents
CVE-2017-0144 Vulnerabilitylg...
|4
|666
|199
Demonstration of a Cyber Security Threat: Ransomwarelg...
|19
|815
|500
The WannaCry Ransomware: Concept, Impact, and Responselg...
|13
|774
|175
Cyber Security: WannaCry Ransomware Attack Discussion 2022lg...
|10
|1923
|20
Ransomware Attacks: WannaCry and NotPetyalg...
|10
|1871
|366
EternalBlue Exploit: Demonstration and Risk Assessmentlg...
|15
|2257
|268