“Wanna cry” these 2 words have grabbed enough attention of the world after bahubali 2, while the latter was something to be proud of , wannacry a.k.a. wannacrypt or wanna decrypter is something to be taken care of.
The Modus operandi goes something like this : a piece of data or a patch in software enters into the system by way of internet or external connections and names itself “wannacry”. Once you click on that file it will first try to find killswitch domain name (a programme used to deny access to internet), if it can not find killswitch, the ransomware would encrypt your data and it will display a ransom message. The cost of getting the data back is 300$ in bitcoin and if you don’t pay it in 3 days amount will be doubled.
It’s been 5 days since the hit, world is bleeding. For all the not-so-nerd and lazy lads like me, here is quick snapshot of what happened and why it’s dangerous for you and your precious data:
It all started on 14th April 2017 when the hacker group known as The shadowbrokers released an exploit known as Eternalblue which is believed to be developed by National Security Agency of US.
Eternalblue is a chunk of data which takes advantage of a vulnerability of of a computer system to cause unintended or unexpected behaviour in the system. Such behaviour ranges from unauthorised access to your valuable private data to denial of service. Needless to say Eternalblue is heart of wannacry.
The below map tracks(if clicked) the malware’s spread and shows the status of the attacks in real time with the regions getting affected:
Enough of tech talks, here are some funfacts:
1) Microsoft already predicted this 2 months ago and they released a security patch named MS17-010 to prevent this. However most of the Organisation didn’t install It. (you are not the only lazy one.)
2) The wallets in which ransom is to be paid have publicly availed their transactions and balances but the owners are still unknown. As of 17th May 2017 they have collected more than 72, 000$ which is less than expected in the group of peer worms. (he is the one who is struggling to cope up with scholars of his class )
3) The security patch mentioned above was not released for windows XP, windows 8 and windows server 2003. And most of the ATMs in India run on windows XP. Luckily Microsoft took a highly unusual step and released a security patch on 13th May 2017 for its out of support operating system like XP (Just like Indian police in old Bollywood movies).
4) Several hours after the Hit, a 22 year old geek named Marcus hutchins accidentally discovered that so called killswitch and stopped further spreading of attack (the real Compubali).
5) It has affected many National Health Service Hospitals in UK and Scotland. Attack was so severe that Nissan motors manufacturing and Renault halted their production after it got hit. Surprisingly Andrea Pradesh Police, Government of Kerala and Government of Gujrat also comes under the list of infected.
Instead of telling what you should do, let’s take a look at the things which you are doing which can lead to infection:
1. Blindly giving all permissions to Apps/Softwares without knowing the purpose they serve.
2. Not updating the windows regularly.
3. Installing softwares/Apps from unknown sources.
4. Not updating latest virus definition in your system.
5. Not keeping a timely backup of your important data.
It might seem like a small rat in the hole but you may end up being its snack if not prevented in time. So it’s better to watch your actions if you love your phone/PC or data.