….just remain vigilant about security issues surrounding you! The ‘Wanna Cry’ ransomware is the talk of the world having affected 150 countries including India, Spain, Britain, parts of Europe and crippling 2,00,000 systems globally.
What is Wanna cry ransomware?
Recall, that ‘ransomware’ is a type of malware that encrypts all your files and prevents you from accessing it until a ransom is paid! The Wanna cry malware makes use of a vulnerability on Windows systems first revealed by the NSA(National Security Agency) The ransomware was first detected on May 12th afternoon after it attacked Britain’s National Health system.It soon spread across different countries catching users by surprise.The ransomware locked systems and demanded $300 in Bitcoin money. (Why Bitcoin? It is because bitcoin cannot be easily tracked unlike other types of currencies)
The map above shows the countries that were affected by ‘Wanna cry’ ransomware.
Why does it spread so easily?
The Wanna cry ransomware hid itself in Word documents, PDF files and other peer-to-peer exchanges and mutated itself all across the world. Since we are living in an increasingly digitized world, it was not difficult for the malware to replicate itself and spread rapidly. However, the primary reason for it, spreading so rapidly in countries like Britain and Europe is also the fact that most machines are running older versions of Windows which had vulnerabilities but were not been duly patched.In countries,like India, many systems run pirated versions of the Windows software and that might be an important obstacle to install security updates or patches too.
Who was most vulnerable?
All banks, hospitals, educational institutions,manufacturing, retail, private organizations, government organizations and individuals were at risk of being affected by this ransomware. Though the repercussions of the Wanna cry ransomware was much less than feared in India, as of this writing there were 48,000 ‘Wanna cry ‘ransomware attacks in India alone.
Who is behind this?
As of this writing, there has been no group or individual claiming responsibility for the attack.
As always, how to protect oneself from falling a victim to these attacks:
- Never click on malicious links(Wanna cry may have initially mutated itself via email attachments)
- Always backup data regularly
- Use licensed software and install updates and patches regularly
- Most of the time, it is advised to not pay the ransom and approach law enforcement officials right away(on a side note: please check and react accordingly – each situation may be different)
- Always keep tuned to the latest in cyber security tools and updates particularly.
- Create a security plan for the entire organization(if the organization is big, it will take more time to create and follow it)
If you have fallen a victim to the attack:
It is always good to disconnect from the Internet and avoid sending emails or any other attachments to prevent the ransomware from spreading more and inform the CISO or any other security practitioner.
We have seen the Wanna cry ransomware and its implications in this post. Ransomware and other forms of attack is a reality that is sweeping our world and is always good to stay one step ahead of the attackers by keeping abreast with security policies, procedures,patches and updates!