On 12th May one of the worst cyber-attacks took place when a Ransomware known as Wannacry (wcry) hit in over 200 organizations and 150 countries. It was a major disaster and caused some serious financial and technological damage. In order to understand what Wannacry was, we first have to understand what Ransomware actually is.
Ransomware is a cyber-attack in which hackers gain access to their victim’s computers through the web and encrypt (lock) their files. In exchange to unlock those files, a ransom is asked from the victim and payment is usually asked to be made in Bitcoin which is an untraceable online payment system.
In order to gain access to the victim’s computer, hackers usually use a fake promotional message on which users click and get fooled. These messages are usually in the form of spoof discounts, free goodies or cleaner software. Once the link is clicked a program is secretly downloaded that integrates itself in the system registry and the encryption begins.
Wannacry worked on the same principle of ransomware as it latched onto the computer and locked the user’s files and then demanded bitcoin money in exchange of decrypting the files. People who gave the ransom ended up with their data back but some of them got dealt a bad hand and their files were deleted anyway. This is what Wannacry looks like.
As you can see above, the Ransomware started a timer that kept track of the duration the ransom should have been paid in. The people behind Wannacry even gave customers a sample by telling them they can decrypt some of their files for free. At the bottom, the ransom amount along with the web address is present with even a button that verifies the payment along with the final decrypt button. The Wannacry attack is one of the worst cyber-attacks that ever happened in the IT world.
How to Protect Against Ransomware?
Ransomware mostly hit computers that are poorly protected in general. In order to ensure your computer stays away from such trouble, it is imperative that some measures are taken.
- Install Anti-Virus Software- Even though the anti-virus that comes along with Windows (Windows Defender) is enough in most cases, it is recommended that an additional program is installed to protect against security threats. Popular examples of Anti-Virus software include Norton Antivirus, AVG Antivirus, Avira, Bit Defender etc.
- Install Anti-Malware – Along with an Anti-Virus, it is important that Antimalware software is present. Malwarebytes is by far one of the most popular antimalware software out there. Install it to protect yourself against Malware that might secretly bypass your antivirus.
- Stay away from suspicious sites – Your PC will be free from these threats if you are a smart user and stay away from websites that look fake. Don’t fall in for too good to be true discounts or software that claims to make your computer 2X faster for free. Remember there’s no such thing as a free lunch.
Always remember to check your address bar to check the authenticity of the website and browse with care.
Is Anyone to Blame?
Wannacry ransomware attack happened because people got lazy. Even though ransomware is an outdated method to extort money, it was practiced and worked. Hackers gained thousands of dollars just by having victims pay exorbitant amounts of money. This attack could have been avoided and was actually luckily stopped by a young cyber security expert who accidentally hit the ‘kill switch’ on the ransomware by purchasing a new domain online.
A recent report by The Financial Times suggests that Microsoft actually held back on a security patch that could have slowed down the cyber extortion. The report further claims that Microsoft charges insane amounts of money from its customers in exchange for heightened security for their computers.
This report has caused some serious damage to Microsoft’s reputation as over 500 million devices run on Windows which makes a lot of customers anxious. Moreover, Shadow Brokers, the group behind the attack claim that there are vulnerabilities in Windows 10 they intend to exploit and will cause further damage. Whether or not Microsoft fixes all this is up to them. Only time will tell the future of cyber security.