WannaCry Is Back!

WannaCry virus is back and is now attacking Australian traffic cameras and even caused a Honda Plant in Japan to shut down. Honda Motor Company had to halt their vehicle production after they found WannaCry ransom ware in their computer network.

The Sayama Plant of Honda in northwest Tokyo produces an output of 1000 vehicles on average and their models range from Accord to Odyssey. However, this plan was forced to close down on June 19 Monday due to the ransom ware that was discovered on Sunday, June 18.  The production has continued up to today but the data breach left a lasting effect.

A spokesperson from Reuters that the virus not only attacked networks in Japan but also in North America, China, Europe and other regions. These regions tried very hard to secure their systems in Mid-May when it was on its peak but still these efforts weren’t enough to stop it.

The WannaCry virus found a weak spot in the Sayama plants operational system. The plant was using Microsoft’s Windows 10 operating system and the virus used a backdoor to enter the systems and seize it. At first it looked as if the Sayama Plant was the only Honda production facility that was affected but Renault and Nissan were affected in a similar way by WannaCry last month.

This caused their production to be stopped forcefully in Britain, India, France and other countries.  Securities have warned these companies that after this attack other iterations of viruses could come in as well. However these plants were not the only thing affected by WannaCry; this virus even affected the traffic camera’s in Australia.

The Victoria Police confirmed that the virus wreaked 55 traffic cameras as well as speed cameras that were operated by a third-party, Redflex. The police claimed in a statement that the virus has been detected however the camera system was affected. The police decided to look into the incidents identified by speed and red light camera throughout the time in question. The integrity of the camera system was not affected.

The security officials from UK claim that WannaCry ransom ware has ties with a hacking group in North Korea. According to BBC’s report they believe that this attack was launched by a group called Lazarus. This group is strongly connected to North Korea and this is not the first time Lazarus has been connected with ransom ware.

Symantex says that it is sure that WannaCry ransom ware is connected to Lazarus. Lazarus is also the cybercrime organization that is responsible for the hack in Sony Pictures and that stole millions of dollars from the Central Bank in Bangladesh. When Symantec’s Security Response Team, carried out an analysis of the WannaCry attacks they unraveled that the ample commonalities in techniques, the tools use and infrastructures were similar to the previous Lazarus attack making it very unlikely that Lazarus is behind this attack by WannaCry.

 

Sources:     Forbes  , Wired

Related posts

Water Facilities Must Secure Exposed HMIs – Warns CISA

Microsoft December Patch Tuesday Arrived With 70+ Bug Fixes

How to Improve Your Cyber Resilience by Strengthening User Privileges