Thursday, 1 June 2017

The WannaCry Ransomware Attack

A global cyber-attack has been reported recently which affected more than 230,000 computers in over 150 countries. In the United Kingdom, the cyber assault hit 47 Hospitals and the operations have been cancelled leaving patients helpless or without getting proper treatment. This cyber-attack has been reported due to a Ransomware called WannaCry.

The WannaCry Ransomware is a crypto worm which targeted the Microsoft Windows OS computers, by encrypting data, blocking access to the files and demanding payments in the Bitcoin cryptocurrency.

Microsoft had already announced the vulnerability issue on March 14 and advised users to patch their software.

The WCry is a specific hacking program which locks all the data on a computer system and leaves with only two files: directions on what to do next and the Wanna Decryptor program itself.

When the user opens the software, it informs the users that their files have been encrypted (locked), and gives them a few days to pay the ransom amount, with a warning that their files will be deleted if not paid within the date. WannaCry demands the payment in Bitcoin, it will show the instructions on how to purchase it, with their Bitcoin address to send it to.

Protection Measures against WannaCryAttacks

  • The best protection method against Ransomware attacks is to have all files backed up regularly in a separate system. This can protect your files from an attack because you have already a backup.
  • Never open any suspicious Email or website link. The most common method of installing the virus is through phishing emails or websites.
  • Downloading an app, or visiting a website which displays malicious adverts can also make you a victim of the WannaCry attack.
  • Updating the Antivirus programs is a MUST because it can scan files before they are going to be downloaded, and can block secret malware installations.
  • It is strongly recommended that all Windows users must fully update their system with the latest available patches.
  • It is also suggested to disable the SMB1 file protocol, through which the worm was believed to spread across various networks.

Recently, some cyber security companies have developed sophisticated tools against cyber-attack, including machines which fight back when they identify hackers in a system.

What to do if WannaCryAffected - Should you PAYor NOT?

It’s advised to never pay the ransom amount as it encourages the hackers to continue with their hacking process. Even if the amount is paid, there is no guarantee that all files would be returned safe.
The best thing to do in such a situation is to restore all files from the back up source. If it’snot possible, there are some tools available now which can decrypt and recover the encrypted files.

How Much Do AttackersDemand?

The Ransomware hackers often demand between 0.3 and 1 Bitcoins (£400 - 1,375).
The Bitcoin digital currency has been popular among cyber attackers,because it is practically impossible to find out or track who’s playing behind while using Bitcoin unlike traditional currencies.

How Did the WannaCry Spread to Other PCs?

Detailed analysis from Anti-virus/Anti-malware developers like Proofpoint, Symantec and Kaspersky got evidence that WannaCry Ransomware began to spread via Microsoft's SMB flaw. This system is meant to share files between PCs on closed networks but can easily be exploited if one PC is connected to a public network.

Which Programming Lanuguage used to Code WannaCry?

Like most other malwares, it is also written in C, C++ Programming Language.

Software Programming Training in Cochin

Soften Technologies offers software programming courses like ASP.NET, PHP, Java, Android, Embedded Systems, Software Testingalong with networking training and certification like CCNA Security, CCNP Security, CCIE Security, MCSE, RHCE and Linuxin Cochin, Kerala.

CALL: 8129199511, 0484 4037036 for your queries.


1 comment:

  1. Don't think that training coulsd save from ransomware using previously undiscovered software vulnerabilities. Nevertheless, ransomware protection is still developing and a proper training is really necessary.