Have you heard about WannaCry or WannaCrypt? The global frustration and fear it has ignited in the minds of cyber security experts has never been witnessed before. By affecting more than 3.3 lakh computer systems in at least 150 countries, this attack has become the talk of the digital town.
Read everything about the WannaCry ransomware attack that began on May 12th, 2017, and is probably the biggest ransomware attack to date: from what it is, to how to secure yourself, and everything in between.
WannaCry Ransomware: watch the impact on this Live Map!
First of all, MalwareTech (Twitter handle) is the guy who accidentally pushed the kill switch on the attack, saving a huge number of systems, by buying a domain that was mentioned in the WannaCry code. For feeds covering the huge impact of WannaCry ransomware and other potential botnets, you can visit this link to MalwareTech.
What is Ransomware?
As the name suggests, it is a cyber-attack which encrypts your data and demands a ransom to unlock the files it has locked. E-mails, malicious download links, spam, phishing content and social posts are the general sources of ransomware reaching the victim’s system. Once downloaded, it locks up the files on the computer and demands a sizable payment in bitcoins to unlock them.
However, there is no guarantee that your files will be fully freed after paying the ransom. There is a good chance that the attacker will come back in a few days to threaten you for more ransom.
Why is WannaCry unique and more dangerous than conventional ransomware?
WannaCry or Wanna Decryptor spreads from computer to computer at an insanely fast speed. There is no need to click on any link or download a file to face the havoc, as it is a self-spreading virus, making the whole nastiness automated for you.
The ransom demanded for decrypting the encrypted files ranges from $200 to $1200. By 16th May, 2017, victims had already paid more than $65k.
Quick Summary of What WannaCry has done so far!
How did the attack work?
WannaCrypt 2.0 or WannaCry exploited a vulnerability in Microsoft’s operating system. The attackers took advantage of the critical SMB vulnerability, which was actually found by the NSA but wasn’t disclosed to Microsoft. A hacking group named Shadow Brokers managed to hack the NSA servers, dumping the zero-day exploits and hacking tools in public.
Will it affect me?
Microsoft released a patch for this flaw in March, 2017. Anyone who has not updated their system is vulnerable to attack. Microsoft has released the patch for previous versions as well (shoutout to the good guys at Microsoft).
Who was affected?
- It all started with the NHS and several other health organizations in England, Britain, Jakarta and Scotland, causing the cancellation of thousands of appointments and operations, except for medical emergencies.
- Interior ministry of Russia
- Germany’s Railways operator network Deutsche Bahn
- Around 30k institutions in China and 600 locations in Japan
- Multiple organizations in Taiwan, Ukraine and India
How to Know if you are affected or not?
If you are seeing the screen shown below, you are affected!
Should I pay the Ransom?
No, you shouldn’t because there is no guarantee that you will get access to the files, even after paying the ransom.
How to Protect Yourself?
There are several things you can do –
- Always (like ALWAYS) keep your system updated. Install security updates as soon as they are released.
- Download and install the patch MS17-010.
- If you can’t install this patch, disable SMB 1.0 by following these instructions:
  - Open Control Panel -> Programs.
  - Go to ‘Features’ and select ‘Turn Windows features on or off’.
  - Find ‘SMB 1.0/CIFS File Sharing Support’ and uncheck the box.
  - Save the changes and restart your PC/laptop.
- Remember that Firewalls and anti-viruses are made to be used.
- Do not click on suspicious links.
- Backup your data regularly.
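
The ‘SMB 1.0/CIFS File Sharing Support’ step from the list above can also be checked and applied from an elevated PowerShell prompt. This is an added example, not part of the original article: it assumes Windows 8.1 / Server 2012 R2 or later, and the `Get-Smb1State` helper and `-Disable` switch are names chosen for this example.

```powershell
#Requires -RunAsAdministrator
# Added example: report whether SMB 1.0 is still enabled and optionally turn it off.
# Assumption: Windows 8.1 / Server 2012 R2 or later, where these cmdlets ship in-box.
[CmdletBinding(SupportsShouldProcess = $true)]
param(
    [switch]$Disable   # without this switch the script only reports
)

function Get-Smb1State {
    # Optional feature behind the "SMB 1.0/CIFS File Sharing Support" checkbox
    $feature = Get-WindowsOptionalFeature -Online -FeatureName SMB1Protocol
    # Protocol switch on the SMB server service (what remote machines connect to)
    $server  = Get-SmbServerConfiguration
    [pscustomobject]@{
        ComputerName = $env:COMPUTERNAME
        FeatureState = $feature.State
        ServerSmb1   = $server.EnableSMB1Protocol
        Smb1Enabled  = ($feature.State -eq 'Enabled') -or $server.EnableSMB1Protocol
    }
}

$before = Get-Smb1State
$before | Format-List

if (-not $before.Smb1Enabled) {
    Write-Output 'SMB 1.0 is already disabled on this machine.'
}
elseif (-not $Disable) {
    Write-Output 'SMB 1.0 is still enabled. Re-run with -Disable to turn it off.'
}
elseif ($PSCmdlet.ShouldProcess($env:COMPUTERNAME, 'Disable SMB 1.0')) {
    # Stop the server service from accepting SMB 1.0 connections right away
    Set-SmbServerConfiguration -EnableSMB1Protocol $false -Force
    # Uncheck the Windows feature; the removal completes at the next restart
    Disable-WindowsOptionalFeature -Online -FeatureName SMB1Protocol -NoRestart |
        Out-Null
    Get-Smb1State | Format-List
    Write-Warning 'Restart the PC/laptop to finish removing SMB 1.0.'
}
```

Run it once without `-Disable` to see the current state; adding `-WhatIf` shows what would change without changing it.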
There is still a huge outcry regarding the WannaCry attack. The affected organizations and victims are still not able to regain momentum. One thing these attackers taught the world is how destructive ignoring security can be!
And yes, the attack is still not over, so beware and take cyber security seriously. You obviously don’t Wanna cry, right?