The world has just seen its largest ransomware cyber attack in history. 45,000 computers across 74 countries became victims of a malicious worm called WCry or to be precise the wannacry ransomeware worm believed to have been created by tools developed by the National US Security Agency. It has crippled the NHS crippled computers in almost 100 countries and hit FEDEX especially hard.
The latest tally set by cyber security software maker Awast was 57,000 infections in 99 countries. Cybersecurity company F-Secure’s chief research officer Mikko Hypponen called it "the biggest ransomware outbreak in history.” The Wcry ransomware officially called WanaCrypt0r 2.0 has been delivered disguised as emails tricking recipients into opening attachments and releasing malware into their software system through Phishing.
Image Source: www.telegraph.co.uk
The latest ransomeware attack WCry is locking up computer systems across countries and demanding bitcoin payments for re access. In fact it is so malicious that there are no guarantees that access will be granted even after payments. More money may be demanded under threat of a complete deletion of the entire system. The attackers demand upto $300 with messages saying "Ooops, your files have been encrypted!" If you don’t pay in 3 days, the amount is doubled. If no payment is received in 7 days, the files are deleted.
The Wannacry ransomeware has exploited a vulnerability in Microsoft which had released a patch for fixing it in March(some fix). As people are prone to delaying such things, it makes it easier for hackers to attack a system. There is a possibility of removing the virus through advanced and sophisticated antivirus systems or through the computers safe mode but one has to manually remove the files.
Image Source: www.sciencefocus.com
Britain has been hit the worse where the National Health Service was virtually crippled. Staff was made to resort to pen and paper for work as all key systems and even telephones have been attacked. People are being advised to seek medical care only if it’s an emergency. The prime targets were Britain, Russia, Ukraine and Taiwan. Russia has also confirmed it has been affected badly by the cyber attack.
Countries like India have not appeared to be affected although one never knows what may transpire next. Several systems such as XPO are still in use and especially prone to such attacks. A massive cyber attack on the level of the present ransomeware could potentially cripple the country and the government. FedEX Corp was one of the high profile victims while Spanish telecommunications company Telefonica was also one of the targets. Telefonica Portugal and Telefonica Argentina have also been attacked.
Image Source: www.twitter.com
Good question, and as usual the US is of the eye of the controversy. As reported by media across the world including the economic times India, and telegraph UK, the bug was initially used by the NSA (National Security Agency) for purposes of espionage on enemy states and terrorists. However early this year, one of the tools called Eternal Blue was leaked online and was used in the present cyberattack.
A cyber gang called the Shadow Brokers claimed in April that it had stolen the cyber weapon Eternal Blue form the NASA which has now given it unprecedented access to computers using windows worldwide. The weird aspect of the attack is the fact that Microsoft had issued a patch to users on March 14 for protection against Eternal Blue yet it seems no one took them seriously. Perhaps Microsoft should have informed users about the potential seriousness of the future risks involved. Once the attackers gained access, they created Wannacry ransomware and scheduled a well planned premeditated attack worldwide.
Image Source: salt.zone
A cybersecurity researcher has discovered a kill switch that can prevent the spreads of wannacry ransomware temporarily. However he advises users to patch their systems and have them updated immediately. "Essentially they relied on a domain not being registered and by registering it, we stopped their malware spreading," @MalwareTechBlog told Agence France-Presse in a private message on Twitter.
Although the criminals can be caught, it will be extremely difficult. Money is already flooding their accounts which can be tracked to see where the bitcoins end up. Bitcoins funds can be traced through the bitcoin system. For now the best way to remain protected is not to open any email that seems suspicious. Don’t download any attachment from senders not recognized. Neither should programs and software be downloaded from unfamiliar sources.
How do you stop wannacry ransomware from spreading