Wannacry Ransomware Attack

In this era of digitization, the use of computers in each and every day to day application is on the peak. What we fail to realize is that we are still only aware of advantages of this bigger picture. All the flaws behind it are still hidden in a veil which are now being uncovered and presented in the most brutal form. One of its imminent example is the recent Wannacy Ransomware attack. This attack mainly targeted computers running on the Microsoft Windows operating system and demanded ransom payment in Bitcoin cryptocurrency.

The attack began on Friday, 12 May 2017, and within a day was reported to have infected more than 230,000 computers in over 150 countries. Parts of Britain National Health Service (NHS), Spain's Telefonica, FedEx and DeutsheBahn were hit, along with many other countries and companies worldwide. Shortly after the attack began, a web security researcher who blogs as "MalwareTech" discovered an effective kill switch by registering a domain name he found in the code of the ransomware. This greatly slowed the spread of the infection, effectively halting the initial outbreak on Monday, 15 May 2017, but new versions have since been detected that lack the kill switch. Researchers have also found ways to recover data from infected machines under some circumstances.

In these type of attacks , the hackers hack a particular site or database and take the control of the computer and demand ransom in order to release their control. Such type of attacks have increased recently. Another aspect about which the people are unaware is that they only demand ransom in terms of Bitcoin cryptocurrency. Have you ever wondered why only Bitcoin ?

The answer to this question is that Bitcoin is the type of currency in which you can carry out transactions without ever revealing your identity. So it minimizes their risk of getting caught. This is the main reason behind it.

For cyber criminals to gain access to the system they need to download a type of malicious software onto a device within the network. This is often done by getting a victim to click on a link or download it by mistake.

Once the software is on a victim's computer the hackers can launch an attack that locks all files it can find within a network. This tends to be a gradual process with files being encrypted.

What is Wanna Decryptor?

Wanna Decryptor, also known as WannaCry or wcry, is a specific ransomware program that locks all the data on a computer system and leaves the user with only two files: instructions on what to do next and the Wanna Decryptor program itself.

When the software is opened it tells computer users that their files have been encryted, and gives them a few days to pay up, warning that their files will otherwise be deleted. It demands payment in Bitcoin, gives instructions on how to buy it, and provides a Bitcoin address to send it to.

Most computer security companies have ransomware decryption tools that can bypass the software.

It was used in a major cyber attack that affected organisations across the world including the NHS and Telefonica in Spain.

How to protect your computer?

The main issue to worry about is how to protect your computer. The best technique to protect the computer is to have all the files backed up in a completely separate system , that means even if the computer gets hacked you have your content safe in another system. It is difficult to prevent determined hackers from launching a ransomware attack, but exercising caution can help. Cyber attackers need to download the malicious software onto a computer, phone or other connected device.

The most common ways of installing the virus are through compromised emails and websites.

For example, hackers could send an employee a phishing email that looks like it comes from their boss asking them to open a link. But it actually links to a malicious website that surreptitiously downloads the virus onto their computer.