Placeholder Image

字幕列表 影片播放

  • It was all over the news on Friday, May 12th:

  • Hospitals in the UK couldn’t get access to their systems and were turning patients

  • away.

  • Car factories in France had to shut down.

  • A Spanish telecommunications company told their employees to shut down their computers.

  • Computers all over the world were being infected by WannaCry, a massive hacking attack that

  • caused worldwide computer chaos.

  • By May 14th, more than 200,000 computers in more than 150 countries had been affected.

  • And yet, the attack didn’t seem to cause much long-term damage.

  • The hackers only made about $100,000 in total.

  • We just witnessed one of the largest and strangest computer attacks ever.

  • WannaCry is an example of a type of attack called ransomware, where the data on an infected

  • computer is encrypted or scrambled.

  • In return for restoring access to your files, the hackers demand a ransom paymentin

  • this case, either $300- or $600-worth of the digital currency bitcoin.

  • There are lots of kinds of ransomware out there, but WannaCry spread very quickly using

  • a tool that security experts believe was created by the NSA.

  • To be clear, the NSA wasn’t interested in ransom, just in snooping, but they created

  • a tool that took advantage of a security weakness in Microsoft software.

  • This tool, dubbed EternalBlue, exploits a vulnerability in something called the Server

  • Message Block, or SMB protocol.

  • The SMB protocol is basically a system for sharing file access across a network.

  • It’s used by lots of people all the time, and the reason why you might never have heard

  • of it is that normally, it’s totally safe.

  • Well, the NSA discovered that in some versions of Windows, the SMB protocol can be tricked

  • into accepting packets of data from remote attackers.

  • EternalBlue was designed to use that flaw as a way in.

  • That’s pretty freaky to think about, but no one outside of the NSA would have known

  • about itand WannaCry might never have happenedif it weren’t for a leak earlier

  • this year.

  • In April, the Shadow Brokers, a group of hackers that’s thought to be tied to Russia, stole

  • EternalBlue from the NSA and published the exploit online.

  • Microsoft quickly released a patch for the issue for the operating systems they still

  • officially support, like Windows 7 and Windows 10.

  • In theory, that should have headed off any potential problems.

  • With the patch, EternalBlue would be useless.

  • But, not everyone actually installs patches and updates their systems regularly.

  • I mean, at some point weve all clicked the button saying "tomorrow!

  • Remind me tomorrow!".

  • It's annoying.

  • And more than 5% of Windows computers are still running XP, even though Microsoft stopped

  • releasing security updates for it three years ago.

  • So, people and organizations worldwide were left with a gaping hole in their cybersecurity,

  • which WannaCry took advantage of.

  • The UK’s National Health Service hospital system was especially vulnerable because as

  • recently as last year, computers in 90% of NHS hospitals were still running XP.

  • It’s easy to blame the hospitals for using a 16-year-old operating system.

  • Like, it doesn’t seem that hard to upgrade.

  • But it’s not that simple.

  • From MRIs to microscopes, practically everything in hospitals uses computer programs, and it’s

  • often hard to get them to work properly with newer operating systems.

  • So upgrading everything would have been a major IT investment.

  • The hospitalsdata was all backed up, though, so within a day of the attack, pretty much

  • everything was up and running again, no ransom payments needed.

  • But just like not everyone downloads and installs those annoying software updates promptly,

  • not everyone is as vigilant about backing up as they should be.

  • So even though most big organizations were fine, lots of individual people were losing

  • access to their data.

  • That is, until someone discovered that WannaCry had a major flaw: a kill switch that an anonymous

  • cyber security expert in England discovered almost by accident.

  • The hero, who goes by the name MalwareTech, was looking through the WannaCry code as it

  • spread on Friday and found that it was built to check whether or not a specific gibberish

  • URL led to a live website.

  • So he registered the domain name to see what would happen.

  • And it turned out to be a kill switch built in by the ransomware’s creators.

  • Registering the URL was a signal that stopped the malware from spreading.

  • New variants of the malware have popped up and continued to spread, but theyve mostly

  • included their own kill switch domain names, leading to a game of cyber security whack-a-mole.

  • It’s not clear why the hackers behind the attack included this in the code, but were

  • lucky they did.

  • And that’s the thing: the part of the ransomware’s code that’s based on EternalBlue is really

  • sophisticated.

  • But according to security experts, having a kill switch was an amateur mistake.

  • So was the way the hackers set up their ransom payment system.

  • They didn’t code it in a way that let them keep track of who actually paid the ransom,

  • and it’s set up so they would have to decrypt each victim’s files manually.

  • Which might explain why almost no one seems to have gotten their files decrypted.

  • But a more sophisticated attack could have done a lot more damage.

  • At this point, there’s no reason anyone else should be affected by WannaCry or its

  • copycats: Microsoft released special one-time patches for old operating systems that are

  • vulnerable, including Windows XP, so no matter what youre running, youre safe if you

  • update.

  • And if you were infected by WannaCry, security researchers have released tools that can decrypt

  • your files as long as you haven’t rebooted your computer.

  • We still don’t know for certain who was behind this, and we may never find out.

  • This won’t be the last time a malware attack sweeps the planet, though.

  • Hackers are always finding new vulnerabilities, and there are always going to be people who

  • don’t update right away.

  • So, WannaCry’s lesson is clear: install those updates, and back up your stuff.

  • Thanks for watching this episode of SciShow News.

  • Hopefully we don’t have to make another news episode about a massive computer attack

  • any time soon, but if you want to learn more about some really bad ones, check out our

  • video about the worst computer viruses of all time.

It was all over the news on Friday, May 12th:

字幕與單字

單字即點即查 點擊單字可以查詢單字解釋

B1 中級 美國腔

為什麼WannaCry攻擊事件會有這麼大的影響? (Why Was the WannaCry Attack Such a Big Deal?)

  • 38 4
    mommy 發佈於 2021 年 01 月 14 日
影片單字