Still don’t really know what it is? Here you go
It’s rare to see malware programs cause as much panic as the latest WannaCry ransomware did. Last week, people in more than 150 countries found themselves victim to a ransomware program that managed to encrypt all the data stored on their PC.
The ransomware program managed to break through the strongest firewalls and crawl through the best antivirus programs available. It did this simply by exploiting a vulnerability already present inside the Windows 7 Operating System.
The NSA first extracted the vulnerability while they were busy practicing surveillance over the American population. They refused to share knowledge of this vulnerability with people at Microsoft. Eventually, a hacking group by the name of Shadow Brokers stole this vulnerability and leaked it to the public.
Microsoft responded by releasing a patch which could fix this vulnerability. But naturally, most people didn’t notice and the execution of this fix wasn’t properly implemented. The WannaCry hackers took full advantage of this situation, and spread the ransomware program only a month after it was released to the public.
What is WannaCry ransomware?
WannaCry is a dangerous ransomware program that encrypts each and every file on your computer and makes them inaccessible. To decrypt these files, WannaCry hackers demand $300 worth of Bitcoins to be paid within a certain time limit, after which the ransom rises to $600 worth of Bitcoins.
According to an estimate, more than 200,000 PC users, in more than 150 countries, have been affected by WannaCry ransomware.
“The spread is immense,” says Adam Kujawa, the director of malware intelligence at Malwarebytes, who discovered the original version of WannaCry. “I’ve never seen anything before like this. This is nuts.”
Ransomware cyber attacks dominated the cyber threats landscape in 2016, costing businesses more than $1 billion worldwide. The ones most affected by this crime are small- and medium-sized businesses that pay the highest price as they don’t possess the means to obscure themselves against such a massive ransomware cyber attack.
Russia, Ukraine, and Taiwan are said to have suffered the worst from this malware. The National Health Service of the UK was also badly affected because of the attack and services to patients were disrupted for quite a while.
Telefonica, a multinational broadband internet provider, was also on the receiving end of this malware. Around 85% of the company’s computers are said to have been infected, and employees have been sent home.
“The financial impact of the attack on Telefonica should be significant, and goes far beyond the ransom being demanded,” Kroustek said in a statement provided to International Business Times. “It should not take Telefonica long to remove the ransomware, but if Telefonica has not recently backed-up employee files, it could take a while before they are recovered, if they were encrypted by the ransomware,” Kroustek said.
How did WannaCry affect healthcare?
This type of ransomware affects healthcare organizations the most. These include 47 NHS trusts in England and 13 Scottish health boards.
Unlike in previous times, when banks suffered the most from cyber attacks, these institutions didn’t suffer much from the ransomware. On the other hand, healthcare departments remained pretty much safe from cyber attacks because of the lack of technology they used and also because of a strong moral code of hackers.
“We have been concerned for some time that the healthcare sectors in many countries are particularly vulnerable. They’re processing a lot of sensitive data,” said Rob Wainwright, Director of Europol.
After the attack, healthcare institutions had to turn away patients until Sunday because their data was not yet accessible.
While WannaCry continued to infect computers around the globe, a cyber security researcher, tweeting as @malwaretechblog, managed to put a temporary stop to the problem by purchasing the domain name being used by the WannaCry hackers.
Fortunately, the domain wasn’t live at the time, and upon its purchase, it activated a temporary kill switch inside the malware, stopping it from spreading to more PC users.
“I saw it wasn’t registered and thought, ‘I think I’ll have that’,” he is reported as saying. The purchase cost him only $10.69. Immediately, the domain name was registering thousands of connections every second.
Malwaretechblog admitted that the save was only accidental, as they had no idea whether the domain purchase would manage to kill the ransomware or not.
Probably thanks to him, and the lack of trust people had in the ransomware, payments made to the Bitcoin address are low compared to the footprint of this ransomware. At the time of writing, only 285 transactions have been made to this Bitcoin address.
Here are 5 things you can do to protect yourself from WannaCry ransomware
Users, who are safe, are advised to take as many precautionary measures as as they can. The following tips will help you in ensuring that your computers remain safe from WannaCry ransomware:
1. Update your OS: It is recommended that you update your existing OS to the latest version, preferably Windows 10, if you want to save your computer from getting infected.
2. Back up your computer as soon as possible: Backing up your computer before it gets infected will save you from significant stress. You can either make use of external hard drives, or subscribe to an online cloud service to secure your data.
3. Beware of phishing: Staying safe from phishing can help in preventing any such programs from infecting your computer. Make sure that you avoid suspicious links or files on the internet, or the ones sent to you via email.
4. Use firewall software: Firewall prevents suspicious programs from entering your system. It is of utmost importance that you start using a firewall service as soon as you can to remain safe from ransomware.
5. Keep your antivirus software up-to-date: Virus definitions have already been updated to protect users against the latest threat of WannaCry ransomware.