Tens of thousands of computers have been affected in different parts of the world because of a malicious software or you can call it “ransomware”.
The software security companies have said that a ransomware worm called “WannaCry” has infected about 57,000 computer systems in 99 different countries. Out of them, Taiwan, Ukraine, and Russia were the primary targets.
The intensity of the hack was so much that it forced the British hospitals to turn away their patients. A lot of other companies and government agencies including the Spanish company Telefonica were completely in chaos.
If you are wondering about WannaCry, here are the details of this software behind such a widespread cyber-attack:
Working of WannaCry
It is a form of ransomware that locks the files on your computer and then encrypts them in a way that one cannot access the files anymore. The major target of this software is Microsoft’s Windows operating system which is most popular around the globe.
When a computer gets infected, a pop-up window appears revealing the instructions that the user must pay a ransom amount of $300.
There are two clocks on the pop-up window. One of them shows a three-day deadline after which the ransom amount will get doubled to $600. The other shows the deadline when the user will lose all its data forever.
They only accept payment in the form of bitcoin.
The ransomware comes with the name of WCry but analysts are suggesting other variants like WannaCry.
In April, a group of hackers called Shadow Brokers released the virus after claiming to have discovered a flaw in the US’ National Security Agency (NSA).
Spreading of WannaCry
The WannaCry ransomware can get into your system by clicking or downloading the malicious files. It then holds all your data as ransom.
However, some security researchers have said that the WannaCry infection seemed to have deployed via a worm and spreads on itself within a network. It doesn’t rely on humans to click on the infected attachment to spread.
All the files are then encrypted and a payment is required in return to access them again. According to security experts, there is no guarantee that the users will get access even after getting the payment.
Some forms of this ransomware are so extreme that they can lock your computer entirely with only a message for the payment being displayed.
While others create popups which cannot be closed and thus, the machine becomes unable to be used.
Areas where it Spread
The security software maker Avast’s researchers said that Russia, Ukraine, and Taiwan were the main targets in this attack but a number of other countries have been affected as well.
James Scott who is from Washington DC-based Institute of Critical Infrastructure Technology says that in 2016, the ransomware epidemic emerged. Due to its poor digital security knowledge, it is the healthcare sector which has suffered the most.
Scott further says, “The staff has no cyber-hygiene training, they click on phishing links all the time. The sad thing is they weren’t backing up their data properly either, so that’s a big problem. They should be doing that all the time.”
“Everyone’s vulnerable right now because you’re only as strong as your weakest link within your organization from a cyber perspective,” he continued.
Steps to be Taken to Prevent the Infection
These steps have been revealed by Microsoft’s Malware Protection Center so that users can protect themselves from ransomware:
- Always use an up-to-date antivirus software.
- Avoiding clicking on links or opening attachments from people you don’t know or unknown companies.
- Internet Explorer provides the option of the smart screen which helps in identifying malware websites, phishing links, and helps you in making decisions about downloads.
- Enable pop-up blocker in your browser.
- Backup all your important files regularly.
The “Kill Switch” for WannaCry
A cyber security researcher has claimed that he has found a “kill switch” that can prevent the spread of WannaCry.
According to him, a domain name which is registered with the name of the malware cannot be infected by it. Unfortunately, this will not help the computers which have already been affected by the ransomware.
- ransomware: kespersky