My take — this was a state-sponsored test-run for a “false flag” attack on an international scale, but who the true source is remains unknown. Web gossip suggests the ransomware was stolen by hacking the NSA, but again this is unknown for certain.
Perhaps the most important lesson from this attack on more than 250,000 computers is that Microsoft had released the patch that blocked this vulnerability more than a month ago. Hospitals, phone companies, and other big league players like FedEx failed to install the security patch by the time the attack occurred and were hit by the attack.
The most effective defenses against a ransomware attack are:
- Patch software as soon as a security patch is released
- Have a reliable backup system — back up frequently — stored off-site without a connection to your live servers or network.
- Practice crisis restoration protocols regularly
- Have a written databreach incident plan ready and train employees on it regularly