WannaCry Ransomware Attack 2017
It all began in last week. The fear of possible ransomware attack first started in Europe… lingered a bit and hit China and Japan. By Monday afternoon, more than 150 countries have reportedly been infected with WannaCry software or malware as we say. Accessing our own data became a half hazard task. Every time we tried to open files from our own computers we were greeted with the message demanding $300 payment to restore files to normal.
What is Ransomware?
Have you ever heard of a malware malicious software? That’s it! A Ransomware is a kind of malware or a computer virus attacking your system, locking up or encrypting all your saved data, sometimes locking your computer and then the creators of ransomware demand money to allow access to your own data or computer. More often, the ransom is demanded in bitcoins that have emerged as an internet currency.
Security researchers claim that a ransomware usually enters your system when you click a malicious email attachment from an unknown sender when you visit a suspicious website or install a pirated software. Additionally, it also enters your computer via socially engineered malware or through a drive-by download. Once entered into your computer, the ransomware locks your data or can also lock your system and unfortunately, you can do least about it.
Occurrence and Spread of WannaCry Ransomware
Cyber security experts say that this ransomware is actually an upgraded version of the ransomware that surfaced in February of this year. The WannaCry malware affects computers using Windows operating system. It works by changing the affected file extension names to “.WNCRY”. Having done this, the attackers have dropped ransom notes for users in a ‘.txt’ file demanding anything from $30 to $300 bitcoins to unlock their infected system.
The shocking truth – the group of hackers responsible for waging a global cyber-attack have used certain tools they hacked or stole from the US national Security Agency. Apart from that, “Eternal Blue” a known hacking tool developed by the US spies has been weaponized to empower and supercharge today’s ransomware WannaCry. The NSA developed eternal blue to exploit works impressively. It allows malware to spread through file-sharing protocols set up by the organizations, many of which have global extensions.
The Extent of Damage Caused by WannaCry Ransomware – An Overview
o Infecting more than 300,000 computers worldwide, NHS hospitals, pharmacies, and GP Surgeries were the worst affected in the UK.
o China, where most of the computers are working on pirated Microsoft operating systems failed to access the Microsoft Patch to fix the vulnerability of the ransomware attack. Chinese state media declared more than 40,000 businesses and institutions have been struck by the malware. One of the largest Chinese petrochemical company PetroChina succumbed to the attack, which disrupted their electronic payment systems at all gas stations of the company.
o Several large manufacturers in Japan took the hit and companies like Hitachi claimed many of their servers went down including computers at hospitals in eastern japan.
o More than 100 systems of the Andhra Pradesh police department transformed into showpieces after taking the direct hit from WannaCry Ransomware. As of now, India is taking extreme measures to control the looming threat on banking systems as 80% of its ATM’s are working on outdated Windows XP operating system.
o The updated information from Avast has confirmed that WannaCry ransomware has also targeted Russia, Taiwan, and Ukraine. A German Railway company also took the hit due to which ticket vending machines at some stations retaliated to work and the passenger display systems at some of the stations remain inoperable. On the other hand, ransomware attack much widespread in Russia affecting banks, railways and interior ministry.
Combat Ransomware Attacks with These Precautions
· Run Updates and Patch Your System
When you are running Windows operating system especially the outdated or older versions, consider yourselves at a greater risk. All you need to do is download the emergency Windows XP Patch, made available by Microsoft. You can download the patch from here. To download the updated security patch for Microsoft Vista you can visit here.
One thing you should remember is Microsoft has stopped releasing new security updates for Vista and XP so it would be better if you try n opt for an operating system upgrade. Ensure that Microsoft updates are enabled in your system and you are reacting and downloading every time you are seeing an update message on your computer. Those running windows 10on their PCs need not have to worry about the WannaCry ransomware.
· Install a Good Antivirus Software
On March 14, Microsoft has issued a software update that is powerful enough to protect you from the WannaCry malware. Those who have downloaded this update are shielded, but those who have been infected merely need to follow the procedure and stay clean. Speaking of Malware, WanaCry spreads as a Windows bug, but other forms of malware spread using different flaws in your software system as if Adobe Inc.’s Flash, Oracle Corp.’s, Java and so on. Therefore, the time you see any update message from any of them it’s time to install that update and keep your system healthy.
Until now, all the antivirus vendors have tweaked their products to detect and combat the malware like WannaCry. A good Antivirus comes with the ability to detect and eradicate countless malware spyware and viruses. Using antivirus not only enables your system to fight the malware or viruses of the latest kind like WannaCry but also it is considered as a sensible step to keep your systems out of the threat.
· Back Up Your Computer Regularly
It is always a good habit to back up your data. If you have spare files of your work or sensitive data, you decrease the depth of possible cyber-attacks. Conversely, increasing amount of data is open to threats like data corruption or unreadable files, taking regular backup will save and protect you from such internal threats.
Think of using some automatic backup options. Although, they charge some fees, subscribing to their services means peace of mind. Else, you can think of Google Drive, Amazon Drive, iCloud, Microsoft Azure if you are generating abundant of data. You do not need to invest much in hardware to back up your data. Forthcoming operating systems like Google Chrome or Microsoft 10S are designed with additional security features making it seamless to back up your computer in the background on a regular basis.
· Do not overlook the Security Risks
Restrict yourselves from opening any malicious links or visiting any suspicious website. Organizations must educate employees to stay away from such phishing emails and report the same to network support team. The objective of such links is to lure you into downloading an attachment or clicking a link, which actually directs you to a malware infecting your system. Identifying between genuine hyperlinks and disguised links to a supposed malware is the best way to keep your system safe from malware, spyware or other damaging viruses.
Organizations handling a bulk of sensitive data should opt for email filters, web filters or SPAM filters detecting malicious content, websites or viruses in the emails, attachments, links, etc. will protect your systems and data against ransomware attacks.
What to do if you are Already Hit by WanaCry?
Already warnings and suggestions are out indicating not to pay the ransom if you are hit by WannaCry ransomware, whatever be the case. Already some of the companies and corporate entities have paid the ransom and there is no any evidence that their files are decrypted or their data is handed back.
Those backing up data regularly can resume their work by restoring backups, totally neglecting the ransom threats and those not having a backup, must consult and report to the respective law and enforcement authorities.
One word of caution for non-Microsoft users, do not celebrate since WannaCry is affecting only those computers having Windows operating system. The reality is malware can attack any operating system and can infect MBR’s, Web Servers, Android and iOS devices, even IoT devices too. Additionally, we are still unaware of the proposed or extent of damage WannaCry can cause in the future. Therefore, security and precaution are the best policies.
Staying Prepared is keeping your System Malware free.
Anish Desai
Email: [email protected]