What is WannaCry, how it works & can it be stopped?

-
WannaCry

A global cyber attack has been underway since Friday, affecting more than 200,000 organisations in 150 countries. Already it has proved itself to be one of the most virulent and potentially destructive cyber attacks ever observed. 

 The "WannaCry" ransomware appears to have used a flaw in Microsoft's software, discovered by the National Security Agency and leaked by hackers, to spread rapidly across networks locking away files. 

 A security expert managed to stop the attack by triggering a "kill switch" on Saturday but it has continued to wreak havoc.

Ransomware, which demands payment after launching a cyber attack, has become a rising trend among hackers looking for a quick payout. 


WHAT IS A RANSOMWARE?


Ransomware
Ransomware is a kind of software which helps in a cyber attack that involves hackers taking control of a computer system and blocking access to it until a ransom is paid.

 For cyber criminals to gain access to the system they need to download a type of malicious software onto a device within the network. This is often done by getting a victim to click on a link or download it by mistake.



Once the software is on a victim's computer the hackers can launch an attack that locks all files it can find within a network. This tends to be a gradual process with files being encrypted one after another. 

Cyber criminals often demand payment in return for unlocking the files. This is normally in the form of bitcoin, the online cryptocurrency.

WHY HAS THIS ATTACK BEEN SO SUCCESSFUL? 

WannaCry Decrypt0r's Interface
Until now, ransomware was regarded as a relatively rudimentary threat. It is usually spread through emails that are sent en masse to target unwary individuals. Attacks against organisations and businesses are far more unusual. Big organisations usually have sophisticated detection methods to prevent and contain infections. 

The version of WannaCry that spread so rapidly on Friday is different, however: its designers have supercharged it by using tools leaked by the most powerful cyber arsenal in the world — that owned by the US National Security Agency. 

HOW IS THE NSA INVOLVED? 

National Security Agency, USA
A&V has spoken to several senior cyber security researchers who have confirmed that NSA tools are likely to have been used by the hackers. They say an NSA tool known as Eternal Blue looks like it has been incorporated into the ransomware’s architecture; Eternal Blue allows the ransomware to spread laterally across businesses’ computer networks through a vulnerability in commonly used Windows file-sharing systems. 

The vulnerability explains why WannaCry has metastasised so rapidly around the world, jumping between any linked organisations that may have file-sharing arrangements set up for business purposes. As such, it has highlighted the greatest vulnerability of our increasingly interconnected digital environment.  

HOW CAN IT BE STOPPED?

Scrubbing malware from systems is an arduous and lengthy task. The scale of infections in this case already suggests it may be an impossible one. Governments and law enforcement agencies will probably try to identify the “command and control” servers from which the malware is being run. If intelligence efforts can pinpoint those and seize control of them, then the encryption keys could be released to all infected networks. 

An alternative may be that WannaCry’s operators turn over the keys themselves: the success of the ransomware has made them the top global target for the west’s cyber security community overnight. Even the most hardened criminal organisation is likely to worry about such prominence.

HOW TO PROTECT YOURSELF AGAINST RANSOMWARE ATTACKS?

How To Protect Yourself from Ransomware?
The best protection against WannaCry and other such ransomware attacks is to have all files backed up in a completely separate system. This means that if you suffer an attack you won't lost any information to the hackers. 

It is difficult to prevent determined hackers from launching a ransomware attack, but exercising caution can help. Cyber attackers need to download the malicious software onto a computer, phone or other connected device.

 The most common ways of installing the virus are through compromised emails and websites. For example, hackers could send an employee a phishing email that looks like it comes from their boss asking them to open a link. But it actually links to a malicious website that surreptitiously downloads the virus onto their computer. Downloading a bad program or app, and visiting a website that is displaying malicious adverts can also result in an infected device. 

The best way to protect yourself is to be suspicious of unsolicited emails and always type out web addresses yourself rather than clicking on links. Another key defence is antivirus programs that can scan files before they are downloaded, block secret installations and look for malware that may already be on a computer.

Cyber security companies have developed sophisticated defences against the cyber attack, including machines that fight back when they spot hackers in a system.

WHAT TO DO IF YOU'RE A VICTIM - SHOULD YOU PAY THE RANSOM? 

WannCry Message

Victims are advised to never pay the ransom as it encourages the attackers. Even if victims do pay there is also no guarantee that all files will be returned to them in tact.


Instead, the best thing to do is restore all files from a back up. If this isn't possible, there are some tools that can decrypt and recover some information.                                                                      

HOW MUCH DO HACKERS DEMAND, AND WHY IN BITCOIN?

Bitcoins
Ransomware often demands between 0.3 and 1 Bitcoins (33,000 - 113,700), but can demand a payment denominated in dollars but made via Bitcoin. The digital currency is popular among cyber criminals because it is decentralized, unregulated and practically impossible to trace. Although it may seem like a small amount to charge, the ransomware attacks are often widely distributed, so the ransom payments can stack up.

Comments

Post a Comment

Popular posts from this blog

What if, the speed of the Earth's orbit were to increase to 99.99% of the speed of light?

-
Image
The Earth would be flung out of the Solar System, as we suddenly exceed the Solar Escape velocity ( 42 k m / s ) by several orders of magnitude. Within 3 minutes we will be outside the orbit of Mars. Within an hour we will have passed Jupiter. Within 5 hours, the Earth will be outside the orbit of Pluto. Within 16 hours, we will have overtaken Voyager 2. Within 19 hours we will have overtaken Voyager 1. Depending on the above given definition, we will leave the solar system some time between 17 hours and two days. At this point there’s a  whopping  great gap, as the planet cruises through interstellar space. Depending on what direction you head in, you may reach the following milestones (you won’t reach all of them, because they’re in opposite directions!) By the time Donald Trump’s first (only?) term ends (2021), we will have reached our nearest neighbour,  Proxima Centauri in the  α α -Centauri system By the time that the  first Mickey ...
Read more

YOUR DATA FOR SALE : The Web Data Mining

-
Image
OK, let's blame it to the festive season that you have gained a few pounds in the last 2 months... And now, you have a vacation lined up, after which you will definitely be posting in quite a few pictures to flaunt a little about your latest vacation.  But then, you would want to be in shape before all this happens and someone points it out on your FB wall and embarrass you for no reason. So, here begins your weight loss spree..! It's  12 am, and you're surfing some weight loss tips. You search for a daily diet regime and exercise plan since you bet to follow it the very next morning.  While you surf, the different pages show you the clothes/shoes you surfed the other night. But you decide not to deviate from the topic but they somehow tempt you to go to their website and buy something more useful at this moment. You end up buying a weighing machine after having compared the prices at different websites and reading their reviews.  And you are now qui...
Read more

What if, everyone on Earth stood as close to each other as they could and jumped, everyone landing on the ground at the same instant?

-
Image
At the start of the scenario, the entire Earth’s population has been magically transported together into one place. This crowd takes up an area the size of Rhode Island. But there’s no reason to use the vague phrase “an area the size of Rhode Island.” This is our scenario; we can be specific. They’re actually in Rhode Island. At the stroke of noon, everyone jumps. As discussed elsewhere, it doesn’t really affect the planet. Earth outweighs us by a factor of over ten trillion. On average, we humans can vertically jump maybe half a meter on a good day. Even if the Earth were rigid and responded instantly, it would be pushed down by less than an atom’s width. Next, everyone falls back to the ground. Technically, this delivers a lot of energy into the Earth, but it’s spread out over a large enough area that it doesn’t do much more than leave footprints in a lot of gardens. A slight pulse of pressure spreads through the North American continental crust and diss...
Read more