Darknet Diaries

73: WannaCry

Sep 1, 2020
In this engaging discussion, Matt Suiche, founder of Comae Technology and an expert in incident response, dives deep into the infamous WannaCry ransomware attack of May 2017. He shares firsthand accounts from the UK’s NHS, revealing the chaos as medical staff scrambled to maintain patient care without their usual tech aids. Unpacking the attack's global disruption, Matt highlights the cybersecurity community's rapid response and the pivotal discovery of a 'kill switch' that halted the ransomware, and he ties the attack to larger threats from North Korea's notorious Lazarus Group.
ANECDOTE

Shadow Brokers and Matt Suiche

  • The Shadow Brokers mentioned Matt Suiche in a tweet, causing him amusement rather than concern.
  • Matt believed the Shadow Brokers were likely U.S.-based, finding their communication style entertaining.
INSIGHT

EternalBlue and Patching

  • WannaCry exploited the EternalBlue vulnerability, patched by Microsoft a month before the attack.
  • Many computers remained unpatched, contributing to the ransomware's rapid spread.
ADVICE

Ransomware Response

  • If hit with ransomware, understand the attacker and the situation before acting.
  • Consult an expert for tailored advice based on specific circumstances.