“WannaCry?” Just download this .exe!
The previous week was one of the worst weeks in Cyber Threat history when over 200,000 victims in at least 150 countries were targeted by the ransomware known as “WannaCry” and that ransomware still continues to wreak havoc over the online population.
What is a Ransomware?
A malicious software that hijacks a computer or a whole computer network, locking out the user preventing them from accessing the files until a particular ransom is paid to the hijackers.
What does this latest ransomware do?
“WannaCry” seized control of over a numerous computers all over the world, determined to collect money in exchange of retrieving the locked and inaccessible files and data.
It can:
• Prevent you from accessing Windows
• Encrypt files so the data can not be used
• Block certain apps (like your web browser)
The malicious ransomware attack started on Friday 12 May 2017, targeting businesses and large organizations:
1. Hospitals in United Kingdom,
2. A Spanish telecom giant,
3. Even FedEx,
4. car factories in France and the UK,
5. Universities in China,
6. corporations in the US,
7. Banks in Russia and
8. Surprisingly the Russian Interior Ministry
List of Countries affected by Ransomware
• United Kingdom
• The United States of America
• Russia
• China
• Spain
What is the specialty of WannaCry?
This Ransomware WannaCry attacks computers running Microsoft Windows operating system. The attack is carried outby encrypting crucial data and once the system is seized by the ransomware it is released by paying the ransom in the Bitcoin cryptocurrency.
In case of “WannaCry”, the ransom demand is $300 but this demand increases with time. However there is no guarantee of getting the data back.
How computers are hijacked by WannaCry?
The ransomware is delivered to the email address of the target as a software attachment.
As the receiver opens the email the ransomware encrypts the hard drive denying any access to the stored data in the hard drive or retrieve photographs, documents or music.
What should the normal crowd do?
Having any trusted anti-virus software in your system will be enough to detect the ransomware threat although cyber criminals have used the loopholes in the architecture of Microsoft Windows to avoid detection from antivirus systems.
You can prevent yourself by:
• Patching or updating your software
• Using a reputable security suite
• Disconnecting from WiFi or unplugging from the network immediately
• Using Cryptolocker Prevention Kit
• Filtering files by .EXE
• having a regularly updated backup
Did we hear some sigh of relief?
The attacked systems are not guaranteed to get the control of their system back even after paying the ransom. From the experience of the previous ransomware attacks some victims did pay the ransom but the key provided to them didn’t work and some people who did get the data back reported that their data was corrupted hence it could not be stored properly.
The best prevention measure for the crowd is to keep the automatic updates on for receiving the regular patch updates from Microsoft.
Will it continue?
Last Monday the ransomware spread slowed down and there were no attack reported. This may be credited to a 22-year-old researcher who calls himself simply a MalwareTech discovered a “kill switch” that slows down the ransomware by registering a falsified name hidden in the malware, as reported by the Wall Street Journal.
What’s next?
Cybersecurity experts are encouraging Windows users to keep their software up-to-date with all the latest patches that are released by Microsoft on a regular basis.
Although these attacks were meant for Microsoft, now the concern is if the same will be done against Apple too.
With the rise of such attacks on a global scale the need of a Digital Geneva Convention has been bought into light.
The question that looms over everyone’s mind: Is it time for the world to come together and create a summit to thwart such global security threats?