The Recent Ransomware Attack

8 months ago in Cyber Hacking
The Recent Ransomware Attack

There was a Ransomware attack of a massive proportion on 12th may, 2017. Computers over 99 countries were affected by this attack.

The Ransomware named WannaCry is the main culprit of this attack. There were recorded 75,000 cases of infection of WannaCry and few of its variants all over the world. Among the affected countries, there are Russia, China, Spain, Germany, UK, US and various others. Among the infections, the attacks on National Health Service (NHS) was most devastating. It canceled many of the operations and appointments. Hopefully, no ongoing operations were hampered.

The staff at NHS shed light on demands though. $300 was demanded as payment to unlock files for each computer and the payment must be in the virtual currency Bit coins.
Among the infections there seems to non-more severe than the infection in the NHS but there still some loses but not too great.

Apparently, Russia had more infection than any other single. There were infections on domestic banks, the interior and health ministry even on the second largest mobile phone network in Russia. There were reports of 1000 computers of being infected in the interior ministry. Luckily no sensitive data was compromised.
In Spain, number of large companies were hit namely Telefonica (a telecom giant), Iberdrola (utility and power provider).

In France, a big time car making company Renault got hit, Portugal Telecom in Portugal. FedEx delivery company in the US and so on. All of these were done by an exploit on windows operating system.



Now one might ask what is a Ransomware?

A Ransomware is a malicious software that carries out a cryptographic attack on the computer. It encrypts data files on a computer and blocks access to those files until asked ransom is paid. After encrypting files it shows a message of sorts requesting payment to unlock.

Once a Ransomware hits a PC there is little one can do it save his PC from it but there are steps to prevent such an attack.

But first, we must understand how is Ransomware delivered to one’s computer or how it is spread?

These are the most common methods of the spread of this malicious software:
• Spam mail
• Security Exploits of software and systems
• Website redirection to malicious site
Now on to protection and prevention

Most of the malicious software tends to evade many big time antivirus software since they are designed and built to take action against viruses which are a kind of malware. But not to despair as there is software that can deal with malware in general one such software is Malwarebytes.

But still, It is not 100% effective that is why there should be some steps taken to keep the damage at a minimum :
• Do not store important data on your computer
• Have 1 or 2 backups of the data that is of importance
• Keep the software that being used up to date that also goes for operating system
• Keep the security software up to date especially.
• As one of the main infection of the Ransomware happens with the web browser consider tightening its security
• Use ad-blocker to block potentially harmful ads
• Remove outdated or suspicious plugins or ad-ons.
In conclusion, there is little to no cure against the harm from Ransomware. But its harm can be minimized or can be avoided altogether with a bit of vigilance over one’s use of the web and careful using of the computer.

-via bbc and heimdalsecurity


You may also like these posts.