On Friday, 12th May 2017 a massive cyber-attack infected thousands of computers all over the globe. The Virus is known as “WannaCry” which is a ransomware; malware which encrypts all your data and demands ransom in the form of Bitcoin for the release.
The hackers took advantage of an exploit for Windows “EternalBlue”. This file was in possession of NSA and in mid-April, it was made public by a group known as “The Shadow Brokers”. On March 14, a patch was released to eliminate the risk associated with it for all supported versions of Windows (Vista and later).
Sadly most of the systems were unpatched at the time of attack, Windows system such as Windows XP and Windows Server 2003 were left out to dry in the heat without a patch file, which resulted in millions of files lost/locked, more than 250,000 computers hacked and more than £33,000 has been paid in ransom according to Bitcoin wallets.
What is Ransomware?
It’s a type of cyber-attack which enables a hacker to lock all your files and demand ransom in return of the data. For hackers to gain access to the system, a file (malicious software) is needed to download to the network via internet. Once the link is clicked the virus automatically spread with in the network infecting all the computers and other devices with in the LAN.
Once the software (Virus) is in your network, the hacker can lock computer connected to that network, it’s a slow and gradual process with files encrypted one after another.
Big companies and organization with super-alert security system are able to block the virus from spreading, but individuals are not secured and might end up losing all their data.
What is Wannacry?
It is a special type of ransomware that blocks all your files and leaves you with an instruction screen, defining how to exit form this chaos and second is the software itself (wannacry). After the files are corrupted/locked, hackers demand ransom to unlock data.
On 15 May another attack happened which was considered as the after effects of wannacry. It effected more than 36000 computers around the world and was spreading with leaps and bounds. But with extreme security measures and alarming situation created by the initial attack neutralized the magnitude of second one and it went off early as people were alert.
Moving forward a new virus named “Eternal Rock” was making news this week, it is considered as a wannacry 2.0 and is more dangerous than the previous one. Currently it is dormant but can easily trigged and used against people and governments. It is considered more vulnerable because it is using seven elements to attack a user, whereas the wannacry was using only two. Using seven instruments concurrently makes it the fastest and dangerous virus we have ever seen.
How to Protect Yourself Against Ransomware?
Once a computer is affected with this type of malware the data/files cannot be recovered without payment. But you don’t have to go to that extent. We can use precautions to avoid the data loss or ransom payments.
Back-up all the data in your computer. Keep the data in a separate hard drive which is not connected to the internet.
Keep the system up-to-date (Windows 10).
Use security software like Antivirus and VPN. As new variants of ransomware appear on regular basis on the internet.
Don’t download malicious app or bad program for websites showing suspicious adverts.
Ignore dubious emails. Emails is considered to be the best commute for virus via links and attachments.
Using Cloud service can eliminate the risk of ransomware, since you can retain files form it.
If you are attacked by a hacker/s via malware or virus and s/he is demanding ransom in return of your data, don’t pay. It will discourage the practice of hacking, try to recovery data form backup. If it’s not working try decrypting software but never pay the hackers. Decrypting your data can be irritating and annoying but it is better than paying your hard earned money. Another advice that I gave to users is try a different operating system like Linux and Ubuntu. As no computer having these operating system reported infection by wannacry.
Mustafa Hasan is a technology geek who is working as a security consultant and safety analyst for various IT companies. The self-taught expert started sprinting in the tech-world right after his graduation in Information Technology. Furthermore he completed an MBA in digital marketing and looking to peruse M-Phil leading to a PHD. Twitter | LinkedIn