crypto-ransomware, also called WannaCrypt, had hit at least 45,000 computers spread over 74 countries demanding a $300 ransom in Bitcoins to restore access to these devices and the information inside. attack also affected UK’s National Health Service stalling surgeries and other work across the British Isles as patient information.
What is ransomware?
There are many types of malware that affect a computer ranging from those that steal your information to those that just delete everything on it. Ransomware, on the other hand, prevents users from accessing their devices and data till a certain amount is paid to its creator as ransom. Ransomware usually locks computers, encrypts the data on it and prevents other software and apps from running. The WanaCrypt0r 2.0 bug, for instance, wants $300 to be paid in Bitcoins to unlock the affected computers. However, paying the ransom is no guarantee for getting the files will be restored and might just open up new attacks.
How do ransomware attacks take place?
Like all malware, ransomware too exploits vulnerabilities in operating systems. Strangely, in this instance, the hackers could have used the ‘Eternal Blue hacking weapon’ created by America’s National Security Agency (NSA) to gain access to Microsoft Windows computers used by terror outfits and enemy states.
how to stop wannacry-biggest ransomware attack?
Scrubbing malware from systems is an arduous and lengthy task. The scale of infections in this case already suggests it may be an impossible one. Governments and law enforcement agencies will probably try to identify the “command and control” servers from which the malware is being run. If intelligence efforts can pinpoint those and seize control of them, then the encryption keys could be released to all infected networks.Microsoft claims it “released a security update which addresses the vulnerability that these attacks are exploiting” in March itself and advised users to update their systems in order to deploy the latest patches. A post attributed to Phillip Misner, Principal Security Group Manager
Disconnect from the internet to ensure there is no further infection or exfiltrating of data as the ransomware will be unable to reach the command and control servers. Set BIOS clock back in case the ransomware has a time limit associated to it as with WannaCry. You can also reach out to the Cyber Police Cell of your state immediately. Sites like or bleepingcomputer.com can also help
What can you do to prevent infection:
According to Microsoft’s Malware Protection Center, here are the steps you should take to protect yourself against ransomware:
- – Install and use an up-to-date antivirus solution (such as Microsoft Security Essentials)
- – Make sure your software is up-to-date
- – Avoid clicking on links or opening attachments or emails from people you don’t know or companies you don’t do business with
- – Ensure you have smart screen (in Internet Explorer) turned on, which helps identify reported phishing and malware websites and helps you make informed decisions about downloads
- – Have a pop-up blocker running on your web browser
- – Regularly backup your important files
What can be the impact of a ransomware attack?
Depending on the critical nature of the computer involved, any malware attack can have serious implications in the highly digitised worlds we live in. In the WannaCry attack it is reported that many surgeries had to be put off, x-rays cancelled and ambulances called back. For many years it has been feared than an attack of this nature can bring public utilities or transport systems to a halt. And that is why a lot of stress is being laid on security of these properties across the world. If a service like an urban metro rail is target, you can rest assured that the ransom will be way above $300.