The cyberattack that infected more than 200,000 computers across government, healthcare and private sector companies in about 150 countries will not be the last of its kind, experts told Inc. Arabia.
Even so, the impact of WannaCry on Gulf countries, which have been historically prone to large-scale cyberattacks, was minimal.
The UAE Telecommunications Regulatory Authority (TRA) confirmed on May 13 that no cases of WannaCry ransom attacks had been reported in the UAE.
“So far, we have not received any e-government service cases that are affected by the virus. WannaCry is a malicious program that affects smartphones and computers by encrypting and locking their data so that it cannot be accessed until payment is made.”
The ‘distance’ between the Gulf and the ground zero of the attack, which appeared to be Europe, meant that the virus didn’t have time to spread, said Dr. Marc Dacier, research director at the Cybersecurity Research Institute at Hamad Bin Khalifa University.
“This is a malware…a malicious software propagating itself autonomously, once it has affected the machine, by semi-randomly looking for other machines that it could attack,” he said.
To do that, it’s looking for the whole internet for IP addresses one-by-one, trying to knock-on-the-door, and see if the service they want to attack is available, he explained.
“And it just so happened that they haven’t been knocking on the IP addresses that were in this region because it got stopped pretty quickly.”
Another analyst, Greg Tworek, director at Poland-based cybersecurity consultants CQURE agreed that the virus wasn’t given ample time to spread.
“It’s a matter of luck…it’s not about technology or data protection. This particular malware started in Eastern Europe…in Russia…Ukraine…and simply had no time to spread to the world significantly,”
Tworek said that “we can be perfectly sure” that we will be repeat attacks as cybercriminals exploit vulnerabilities in widely used networking software.
“Ransomware creators are doing it for money. It’s the best return in terms of the time, effort, and money put into the attack,” he said.
When the new version hits us, no one can predict which countries or which industries will be hit, he warned.
There are also signs that the hackers behind the attack were from China, Tworek added.
“There are some traces that it comes from China and North Korea. Also, related to the fact that Russian computers were the most commonly targeted, so maybe [it’s] Russia, but it’s very hard to predict.”
He said malware is designed to be undetectable: “They are doing their best to hide their traces.”
Security firm Flashpoint dismissed reports that North Koreans were behind the hacks, after finding evidence that the ransom note was translated from another language into Korean.
Only fluent Chinese speakers could have created the WannaCry attack, their research showed.