Breaking News

WannaCry : What is this 'ransomware' ?



Friday's cyber attack hit 200,000 victims in at least 150 countries and that number could grow as the week begins.

Cyber security experts say the spread of the virus named as WannaCry has slowed, but that any respite might be brief.

Malicious software called 'ransomware' has forced British hospitals to turn away patients and affected Spanish companies such as Telefonica as part of a global outbreak that has affected tens of thousands of computers.

Also known as WanaCrypt0r 2.0, WannaCry and WCry.

What is WannaCry?
How Does it work?
How Does it spread?
Where has it spread?
What is so special about WannaCry?

WannaCry is a form of ransomware that locks up files on your computer and encrypts them in a way that you cannot access them anymore.
A hacking group called Shadow Brokers released the malware in April claiming to have discovered the flaw from the US' National Security Agency (NSA), according to cyber-security providers.

Ransomware is a program that gets into your computer, either by clicking on the wrong thing or downloading the wrong thing and then it holds something you need to ransom.
In the case of WannaCry, the program encrypts your files and demands payment in bitcoin in order to regain access.
Security experts warn there is no guarantee that access will be granted after payment. Some ransomware that encrypts files ups the stakes after a few days, demanding more money and threatening to delete files altogether.
There are different variants of what happens: Other forms of ransomware execute programs that can lock your computer entirely, only showing a message to make payment in order to log in again. There are some that create pop-ups that are difficult or impossible to close, rendering the machine difficult or impossible to use.

Researchers with security software maker Avast said Russia, Ukraine, and Taiwan were the top targets of the attack, but dozens of other countries also reported system infections.
James Scott, from the Washington DC-based Institute of Critical Infrastructure Technology, said ransomware emerged "as an epidemic" back in 2016. He said the healthcare sector was particularly vulnerable because of poor digital security knowledge.
"The staff have no cyber-hygiene training, they click on phishing links all the time. The sad thing is they weren't backing up their data properly either, so that's a big problem. They should be doing that all the time," Scott told Al Jazeera.
"Everyone's vulnerable right now because you're only as strong as your weakest link within your organisation from a cyber-perspective."

WannaCry is not just a ransomware program, it’s also a worm.
This means that it gets into your computer and looks for other computers to try and spread itself as far and wide as possible.
Ransomware has a habit of mutating and so it changes over time in order to find different ways to access computers or to get around patches (operating system updates that often include security updates). Many security firms are already aware of WannaCry in past forms and most are looking at this one right now to see how it might be stopped.
Several cyber security firms said WannaCry exploits a vulnerability in Microsoft and that Microsoft patched this in March. People don’t always install updates and patches on their computers and so this means vulnerabilities can remain open a lot longer and make things easier for hackers to get in.






No comments