WannaCry went against many other ransomware strains that came before it
The recent high-profile outbreak of the WannaCry ransomware virus could have a silver lining by bursting the ransomware bubble, according to Rik Ferguson, special advisor for Europol EC3.
Now, this initially sounds like a strange notion when you think about the scale of WannaCry and the damage it caused around the world.
As we now know, WannaCry quickly spread to over 150 countries after tearing through the NHS in the UK before it was eventually stopped by a ‘kill switch’ developed by a security researcher.
However, Ferguson explained that the growth of ransomware over the last couple of years and the building of its reputation has relied on the encrypted data actually being returned to the victim once the ransom has been paid.
That unofficial promise of ransomware is what has primarily persuaded organisations to pay up. They would rather pay quickly and be relatively safe in the knowledge that they’ll get their data back, than have to go through the often lengthy and expensive process of trying to retrieve their data another way.
But WannaCry went against that but not returning the data. While of course causing a huge amount of distress in the short term, Ferguson argued that this could have positive consequences in the long run.
“Wannacry could have killed the goose that laid the golden egg,” he said, speaking at InfoSecurity 2017 in London. “Ransomware relies on ‘honest criminals’ and WannaCry went against that. It was inconsistent with the ransomware that came before.”
Will that signal a change in mindset when it comes to ransomware? Who knows. Security professionals have always advised never to pay the ransom, yet organisations have continued to do to so.
Perhaps the best thing to have come from WannaCry is that the issue is now front of mind for organisations around the world. It might not feel like a positive at the moment, but awareness is never a bad thing in cyber security.
Do you know all about security in 2017? Try our quiz!