"WannaCry pandemic" to "Data Breach" to "GDPR violation"

May 18, 2017 BY Original by IT Governance Ltd.

  "WannaCry pandemic" to "data breach" to "GDPR violation"    Scenario : ransomware seeks vulnerability in older or phased-out ...

It seeks to attack older or phased-out technology, when you care the least

 

"WannaCry pandemic" to "data breach" to "GDPR violation" 

 
Scenario : ransomware seeks vulnerability in older or phased-out technology 
 
Virus Variance: WannaCrypt, WannaCry, WanaCrypt0r, WCrypt or WCRY. 
 
Symptoms: on infected systems, files are encrypted with the .wnry, .wcry, .wncry, and .wncryt 
 
Behavior : "Backdooring" happens that spread and make recovery harder
 
Resources: The WannaCrypt0r Factsheet: https://gist.github.com/rain-1/989428fa5504f378b993ee6efbc0b168 (will you click on this URL?) 
 
 
Consequence and Penalty
 
Data Breach, unavoidable Data Protection concern under GDPR  : failure to move on from an operating system that is no longer vendor-supported, under the GDPR this incident would trigger fines of up to 4% of revenue for every one of the breached parties
 
 
Reach out to iTGRC Asia Practitioners Advisory Group
email : info@itgrc.asia
phone: +65 68180839