I’m sure we all seen the recent statistical figures talking about an increase in ransomware attacks ranging between 2 to 3 times in 2016 when compared to previous year. While these numbers are already depressing enough, recent events between WannaCry/WannCrypt and ExPetr/Petya/NotPetya have made the situation worse. We seen increase variations of the EternalBlue vulnerability/exploit previously patched in MS17-010. These new ransomware attacks are building on already known vulnerabilities that people are still struggling to patch or properly address as a serious threat.
From what I can see, more companies are being impacted than I would feel comfortable with when gauging the security ecosystem. This leads me to believe that companies are not taking these threats seriously, it’s as if they feel that such occurrence is so far away from their organization that it’s not going to be impact them. It also feels as if people did not understand the “mild” differences between WannaCry/WannaCrypt and ExPetr/Petya/NotPetya, where as I truly felt worried when I saw how NotPetya utilized common administrator tools such as PSExce and WMIC to move laterally. In my eyes I saw more occurrences and variations of such attacks that could be created by more people or groups with i’ll intentions and I’m glad I’m not the only one feeling concerned as more awareness needs to be brought to this issue.