Smashing Security podcast #021: WannaCry – Who’s to blame?

Three security industry veterans, chatting about computer security and online privacy.

Smashing Security podcast: "WannaCry - Who's to blame?"

The WannaCry ransomware has struck! But before we tackle that subject, and who we should blame for one of the highest profile malware attacks for years, we discuss how HP has been unwittingly capturing the keystrokes of its laptop users. Then we briefly discuss what might be the worst cinema date in history, before rounding things off with a discussion of hackers extorting money out of movie studios.

All this and more is discussed in the latest edition of the “Smashing Security” podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by special guest Paul “Pob” Baccas.

Smashing Security #021: 'WannaCry - Who's to blame?'

Listen on Apple Podcasts | Spotify | Pocket Casts | Other... | RSS
More episodes...

Hosts:

Graham Cluley – @gcluley
Carole Theriault – @caroletheriault

Guest:

Paul Baccas – @pobicus

Show notes:

Sponsor: Recorded Future

This episode of Smashing Security is made possible by the generous support of Recorded Future – the real-time threat intelligence company whose patented machine learning technology continuously analyzes technical, open, and dark web sources to give organizations unmatched insight into emerging threats.

Sign up for free daily threat intelligence updates at recordedfuture.com/intel.

Thanks to Recorded Future for their support.

Follow the show:

Follow the show on Twitter at @SmashinSecurity, or visit our website for more episodes.

Remember: Subscribe on iTunes or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!


Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

One comment on “Smashing Security podcast #021: WannaCry – Who’s to blame?”

  1. Bob

    People concerned about WannaCry, and the security conscious in general, should disable SMB v1 in Windows. I'm not sure why this wasn't recommended in the podcast. This can be done by home users as well as corporate users. You should not disable v2 or v3.

    https://blogs.technet.microsoft.com/staysafe/2017/05/17/disable-smb-v1-in-managed-environments-with-ad-group-policy/

    This is so simple there is no reason not to do it. It's a case of ticking a box in Windows Features (appwiz.cpl)!

    My recommendation to avoid infection by WannaCry is to update to MS17-010, disable SMB v1, and ensure you're using decent Internet Security software (AV + Firewall). Updating to MS17-010 alone won't prevent infection if you download any dodgy software / enable macros.

    Microsoft recommend that you block "all versions of SMB at the network boundary by blocking TCP port 445 with related protocols on UDP ports 137-138 and TCP port 139, for all boundary devices."

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.