West Michigan man hailed as hero for stopping global cyber attack.

A massive worldwide cyber attack crippled computers worldwide in a blackmail scheme that demanded payment or else data systems would be impacted.

The attack hit computers in about 100 countries, including China, Russia, France and Britain, where the National Health Service was compromised, temporarily shutting down some emergency rooms and misdirecting ambulances.

But it was a computer security engineer who works out of his home in Fremont that brought the attack to a halt.

The attack happened Friday using a flaw in Microsoft systems that was revealed in a release of National Security Agency information. The malware named “WannaCry” created a huge mess.

“It’s very serious, I mean this is something we’ve been worrying about for a long time, this kind of wide-scale attack,” said Benn Rapp, CEO of Managed Networks IT security firm in Great Britain.

To the rescue came 29-year-old Darien Huss, a Purdue University graduate and senior security research engineer at cybersecurity firm Proofpoint. He works for a California company, but lives in Newaygo County to be near his wife’s job.

“We not only investigate attacks against our customers, we also investigate anything that’s going on around the globe,” Huss told 24 Hour News 8 Saturday.

After he was put on the case, Huss said he reverse engineered the cyberattack and soon tracked down the domain name of the attacker. They then spent $10.69 to legally register the domain name of the attacker which gave them access to it.

“It really did not take long to figure out that there was a kill switch feature in it,” Huss said.

So working with a fellow cyber-sleuth in the UK, they were able to throw the so-called kill switch that stopped the attack in its tracks and allowed the thousands of infected systems to begin recovering from the attack, but not before more than $20,000 in bitcoin ransoms had been paid at $300 to $600 a pop.

A screenshot of the warning screen from a purported ransomware attack, as captured by a computer user in Taiwan, is seen on laptop in Beijing, Saturday, May 13, 2017. (AP Photo/Mark Schiefelbein)

But the damage done by the disruption in data systems will be massive.

“This is probably one of the largest and widespread cyberattacks in the last 10 years,” Huss said.

Huss said while the attack was devastating, he was still ready to talk a little cyber-smack against whoever created the problem. He is hopeful that there will be an arrest.

“With the amount of law enforcement that are going to be investigating this, I really would not be surprised if the individual or individuals are apprehended,” Huss said.

Saturday, Huss has become something of a superhero in the cybersecurity world and has been giving interviews to newspapers and TV stations around the globe, including CNN and BBC News.

“Personally, I really feel like I didn’t play a huge role in everything — all I really did was figure out that there was a kill switch feature,” Huss said. “It just goes to show how interconnected our world is and how something so simple can have a devastating impact on everybody.”

Huss says it’s likely whoever did this will try again and will learn from his mistakes and may not be so easy to beat next time.

“We may possibly see copycats use the same exploit and deliver different payload,” Huss said.

He says staying safe is pretty straightforward: back up your data, update your software and get rid of vulnerable protocols.


Replies to This Discussion

4 Old Internet Protocols Increasingly Vulnerable to Hacking Attacks

When the Internet was first established, malware and hacking were in their infancy, and not as much of an immediate problem as they are today. Thanks to this fact, the Internet wasn’t really created with a certain security design in mind, and has instead adapted to shifts in its environment. Unfortunately, as hackers grow more powerful, several of these patchwork protocols are growing outdated.

While some of these protocols have been fixed routinely over the years, it’s only growing more evident that these will require a more powerful fix sooner or later. According to InfoWorld, here are some of the more important protocols which are growing outdated with each passing year.

Border Gateway Protocol (BGP)
BGP is one of the more prominent protocols used in the modern technology world. Internet routers use this to exchange information over networks. Since it’s been around since the beginning days of online computing, it’s necessary to proper online function. However, it hasn’t evolved to change with the times, and is vulnerable to being exploited for malicious activity. This type of attack happens when a hacker forces the device to route the network traffic elsewhere (for example, a malicious website). These types of attacks have happened in the past, and will continue to appear until a more effective protocol is found.

Simple Mail Transfer Protocol (SMTP)
The modern business also relies on email, which is reliant upon a protocol called SMTP. At the time the Internet was created, it was the easiest way to transfer mail via the web. As previously mentioned, SMTP was created before the Internet exploded with threats, so it’s only natural that vulnerabilities to new and more dangerous hacks would arise. While various fixes are available, it’s ultimately up to the network administrator to ensure that SMTP is as secure as it’s supposed to be.

Domain Name System (DNS)
The same protocol that breathes life into your website is also fundamentally flawed, thanks to the efforts of hackers all over the world. DNS is what’s responsible for taking your website’s IP address and connecting it to your domain name. For example, by exploiting a vulnerability in the way DNS functions, the Iranian Cyber Army managed to redirect Twitter’s traffic to an entirely different domain hosting a defacement page. While multiple attempts to fix this issue with DNS have been made in the past, some can affect the performance of the DNS server itself; as such, a fix is still in the works.

Secure Sockets Layer (SSL)
You might recognize this one, especially if your site utilizes a security certificate. SSL was an encryption protocol designed to keep data transfer private both to and from the network. The problem here lies in the fact that SSL hasn’t received an upgrade since 1996, and in light of the recent vulnerability found during the POODLE attacks last year, the world’s most popular browsers (Google Chrome, Mozilla Firefox) are thinking of scrapping SSL altogether. Unlike these other protocols, SSL already has a replacement: Transport Layer Security, or TLS. This means that SSL support is on its last legs, as it should be.

While the integrity of the Internet itself can seem questionable at times (especially considering the state of its protocol), your company’s own security standards don’t have to be. Network Synergy offers managed IT services designed to prevent and protect your business from threats which might target your business’s data infrastructure. Our Unified Threat Management solution (UTM) comes complete with a firewall, antivirus, spam-blocking, and web filtering solutions to keep dangerous entities away from your network.
