I’m going to say something controversial, so brace yourself—the WCry ransomware was a good thing.
Now make no mistake about it. Ransomware is evil. It’s used to literally hold people’s lives hostage. Just like a tornado, it destroys businesses and lives. But it’s far worse, because people make ransomware…and knowing what it does, deliberately inflict it upon other people.
If you haven’t heard of the WCry ransomware (A.k.a. WannaCry or WannaCrypt), you must have been living under a rock. Just over a week ago, the WCry ransomware worm attacked more than 200,000 computers in 150 countries.
And when it did, something changed.
If you’d asked any person on the street what ransomware was just a few days before WCry hit, they would have given you a blank stare.
“Ransomware? What’s that, a new clothing line?” And if you’d started explaining it involved software and security, well, eyes would glaze over in seconds. It’s an IT thing, you can see them realize, so I don’t need to know—that’s what IT guys are for. Cue tune out.
A day after WCry hits. There’s a ransomware story headlining. Not in the IT news, where such matters are commonly discussed. Oh no. Front and center in the mainstream media. And non-IT folk are talking about it.
Unheard of. And yet, the threat of ransomware has always been there. WCry has illustrated grandly what so many experts have been trying to hammer into businesses since ransomware was first invented. You are at risk. This can’t be ignored. Even when you tell people that one in two—one in two!—of businesses were hit with ransomware in 2016, or that 911 services and hospitals are being obstructed, this argument failed to make the same illustrated dint as WCry did.
But here’s the other great thing: for a ransomware, WCry was hilariously, awfully bad at doing it’s job.
If WCry had been as wildly successful as past ransomwares like SamSam, Locky or Mischa, I wouldn’t dare write this article out of respect for those hit. But after hitting hundreds of thousands of machines and asking for $300 to $600 a pop, the take from such a widespread crime is embarrassingly small.
At last count, the malware makers have made just above $55,000. That’s just over 25 cents for every machine they’ve infected.
Experts have commented on how amateurish WCry was made, and how catastrophic the damage would have been if the virus had been made by real professionals.
And if it had been, the headlines would have been quite a bit different. It’s a gigantic stroke of good luck not just for businesses, but the global economy. Traditional ransomware can ask for anywhere from thousands to tens of thousands of dollars.
Instead, WCry happened. And now we’re at a historical turning point.
The Big Decision for Businesses Everywhere
WCry can be an immunizing shot—a literally damaged virus that causes businesses to strengthen their immune system, to avoid disaster in the future.
The alternative is to do nothing. If that happens, when a new ransomware comes along with the same scope as WCry but the actual effectiveness of traditional ransomware, most businesses will be easily cleaned out.
The immunization metaphor is incredibly apt. For a disease like ransomware, prevention is the best cure. By safeguarding your data with a proper backup strategy ahead of time, you’ve got the same kind of practically invulnerable status against the virus in question.
After all, how is someone going to make you pay for your data when you can just wipe your system and perform a bare-metal recovery from your uninfected device?
With WCry, we got lucky. Because it was ineffectively made, an IT white knight was able to ride in and throw a spanner in the works of the ransomware—something that is practically impossible to do with a well-made ransomware.
And so the businesses, organizations, and even home users of the world should take note and back up their data, whether they’re using a Windows Server or an iPhone.
If you’re not using a Windows OS, read our guide on the best backup and recovery software for your OS to help you out.
By Adam Ipsen