A ransomware is a malicious software that infects a computer and restricts the user to get access to the computer until a ransom is paid to unlock it. WannaCry or WannaCrypt0r or WannaDecrypt0r is a ransomware that targets computers running Windows OS.
WannaCry infects vulnerable Windows machines, encrypts everything, and presents the victim with a multilingual pop-up message demanding a $300 ransom in BitCoin in exchange for the safe return of the files.
WannaCry is believed to use the EternalBlue exploit, which was developed by the U.S. National Security Agency (NSA).
The cyber attack was launched on Friday 12, 2017 and reports indicate that it has infected more than 230,000 computers in over 150 countries worldwide. The attack spreads by multiple methods, including phishing emails and on unpatched systems as a computer worm.
According to reports, three or more hardcoded bitcoin addresses, or “wallets”, are used to receive the payments of victims. As with all such wallets, their transactions and balances are publicly accessible even though the wallet owners remain unknown. To track the ransom payments in real time, a Twitterbot dubbed actual ransom has been set up. As of the time of publishing this article, 151 payments totaling to 24.75899797 Bit Coins ($42,640.91) had been paid.
A patch to remove the underlying vulnerability for supported Windows versions i.e Windows Vista and above was issued on 14 March 2017 by Microsoft. Due to the scale of the attack, Microsoft took an unusual step of releasing updates for all older unsupported operating systems from Windows XP onwards as well.
However delays in applying security updates has left many users vulnerable.
The attack affected many hospitals in England and Scotland, and up to 70,000 devices including computers, MRI scanners, blood-storage refrigerators and theatre equipment are reported to have been affected.
The Communications Authority of Kenya (CAK) through the National Kenya Computer Incident Response Team Coordination Centre released a press statement to discourage people from paying the ransom in case they are attacked and advised the public to ensure their Windows devices are up to date.
Here are some preventive measures:
- Keep an up-to-date backup of your important files offline, to ensure that in the case your computer is attacked, you can restore your files from the backup.
- Ensure that your anti-virus is working and up-to-date
- Avoid clicking on links or opening attachments or emails from sources you don’t know.
- Do not download anything you are not sure of the contents
In the unlikely case that your computer gets infected, keep calm and don’t pay the ransom. Simply use your back up to restore your files. Please note that this does not guarantee you will get all your files back but you will definitely have your machine up and running once again.
[…] million of revenue. The most recent case happened a few weeks ago where a wave of ransomware called WannaCry hit several organizations in several parts pf the […]
[…] million of revenue. The most recent case happened a few weeks ago where a wave of ransomware called WannaCry hit several organizations in several parts pf the […]
[…] successful, to be able to detect and respond appropriately to these attacks. In the case of the recent Wannacry attacks, it’s basic practices that were avoided by people being affected by the malware,” […]
[…] to be able to detect and respond appropriately to these attacks. In the case of the recent Wannacry attacks, it’s basic practices that were avoided by people being affected by the malware,” […]
[…] are in line with competition laws. The company has also argued that the ransomware threats such as WannaCry outbreak has necessitated the call for measures such as ensuring that malware protection is always […]
[…] its only been one month since the WannaCry cyber attack was stopped and we already have a second go at a similar […]
[…] able to bypass FireEye since it was launched in 2004, and it is the tool that detected the famous WannaCry malware that hit millions of PCs across the […]
Comments are closed.