WannaCry: Cyber Attack on NHS Hospitals May 2017

University of South Wales: Information Security & Privacy

Well, the Cyber Attack against the NHS has certainly caused a storm of protest. Monday we are told to expect a second wave of attacks.  So how did researchers manage to stop this attack so quickly?  The answer is that the coders made some very simple errors. They hardcoded in a kill switch, which UK researchers registered and triggered.

Here’s the code:

wcry code



Step 1 – Hit the kill switch – if there is one

MalwareTech requested the domain that acts as a kill switch.

This stops the infection of new devices.

wcry code

Step 2 – Look for unregistered Malware control server domains – as a Procedure

Now one thing that’s important to note is the actual registration of the domain was not on a whim. My job is to look for ways we can track and potentially stop botnets (and other kinds of malware), so I’m always on the lookout to pick…

View original post 357 more words


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s