Mass hysteria has broken out across the internet in response to the recent WannaCry Ransomware attack. Panic is leaking into reality. A hacker group calling themselves the Shadow Brokers is taking credit. You can read all about their demands online.
The real question is: did it originate on the dark web? For those of you that are unfamiliar, the dark web is the inaccessible side of the internet. You can’t gain entrance to the dark web from your average web browser.
Jessica Swarner researches at a cyber-security company called CYR3CON. She published an article this week with insight on the origination of the WannaCry Ransomware attack:
“The cybersecurity company CYR3CON, where I am a researcher, found evidence of hackers discussing the attacks before they happened on darkweb forums in several languages including English, Russian, and Arabic.”
The forums you find on the dark web are usually pretty average – with silly names like OnionLand and Torum. Anonymous users will discuss politics and trending topics. The recent WannaCry cyber-attack proves obliviousness is not always the case however. According to Swarner, CYR3CON monitored several dark web forums where the hackers discussed the upcoming attacks.
The Shadow Brokers were shocked at how many systems were unprotected. The vulnerabilities were adding on and on. The opportunity became impossible to ignore. The Shadow Brokers acted and they acted fast. The madness didn’t end there. CYR3CON uncovered precisely named targets of the Shadow Brokers – medical centers that were more likely to pay the ransom.
Swarner’s new information on the origination of the WannaCry Ransomware attack is intriguing. Could this cyber-attack have been prevented?
Hackers don’t care about vulnerabilities. Swarner puts it perfectly in her quote from one of the deep web’s popular sites, Hell Forum: