Ransomware WannaCry has hit Windows Computers worldwide. Here is what you need to know about this cyber attack in brief. The attack was launched on 12 May 2017 and within three days it has reached an epidemic proportions with no apparent relief in sight.
What is a Ransomware
Ransomware is an old concept. It is designed to lock access to your files by inserting a code or software in your computer. Once the ransom is paid, you can get a code to unlock your files. Simple ways to lock your computer is to simply block the screen and display a message. More sophisticated ways are to encrypt all the files, so that there is no way to access them without the password.
Ransomware originated in Russia and since 2000 has been surfacing frequently with better encryption and sophisticated ways to collect the ransom money. Today attackers use a pair of public and private encryption keys. After gaining access to the system, files are encrypted. Decrypt keys are generated for individual computers only after the ransom is paid. Ransomware WannaCry though the latest is not believed to be highly sophisticated attempt.
What is WannaCry Ransomware
WannaCry Ransomware began its attack on 12 May 2017 by exploiting a previous vulnerability with Microsoft PC and Server systems. Within hours tens and hundreds of computer systems got infected. The software spread from network to network until it has infected systems across all countries.
Ransomware WannaCry first encrypts your files and then displays a message giving detailed instructions on how to make payments and decrypt files. Payment is $300 if paid in three days or $600 in seven days. Payments have been asked in BitCoins, the virtual crypto currency.
Image courtesy. Wikipedia
Here are some key points to note about WannaCry ransomware and how it has spread so fast.
How did WannaCry Ransomware spread so fast
- Contrary to the popular belief, WannaCry has not spread so fast due to email attachments
- WannaCry could spread due to compromised systems on the network
- It also spread due to unpatched computers which have not been updated
- Computers with older operating systems are the most vulnerable
- Attack is restricted to Windows Computers only
- Windows XP is the most vulnerable operating system today
Precautions against WannaCry attack
There is precious little that can be done if your computer is already infected. If not the following precautions can be taken immediately.
- Backup files to remote location (cloud service like Google Drive) or to another hard disk
- Update Windows Operating System immediately
- Upgrade your Windows OS to Windows 10
Long term measures include using a good all round security solution and not just an antivirus. Restricting use of pendrives and Email attachments on your computer. Make use of cloud storage instead to transfer your files. Updating patches as soon as they are released by Microsoft.
Some interesting facts about Ransomware WannaCry
Banks and ATMs which mostly use unpatched or outdated Windows Operating Systems will get affected over a few days. If not hit by the attack, they will be busy with IT experts upgrading networks and systems. Cash dispersal will get affected. The money in your account is safe. Bank records will also not be affected since they are housed in secure systems
Utility systems with compromised systems or networks may get affected. But again they will be down primarily due to updating of patched and software rather than the malware itself.
If you have an infected computer or suspected infection of ransomware wannacry, do a favour to the community by disconnecting it from any network or your ISP connection.
Microsoft had released a patch for its vulnerability in March 2017. But no one could estimate an attack on such a scale to be launched.
Antivirus industry is hopeful that a decrypting tool will be available soon. Most have suggested that payment should not be made.
It is a good time to say bye bye to Microsoft and its ever unsecure operating systems, Windows. Apple iOS is a good option for the switch.
Image course Wikipedia
Read the article here