The news of the latest malware attack on a global scale which has held hundreds of thousands of computers hostage has hit the internet with the storm. Dubbed as WannaCry (also known as WannaCrypt or WannaCryptor), the ransomware has wreaked havoc across 150 countries including India, with more than 200,000 computers are reported to be infected by this malware.
The ransomware attack is dubbed as one of the most prolific cyberattacks in the history of the internet. The list of victims is pretty long which include top notch business companies, hospitals, telecommunications, banks and more. Moreover, the list will add new members as well as more devices and machines will be attacked by this malware in the future. However, one should be aware at least aware of what he/she is up against. So, in order help you prepare against this horrendous malware attack, here is everything you need to know about the WannaCry ransomware and how to protect your data against this attack.
What is WannaCry ransomware? What does it do?
For starters, let’s first understand what a ransomware means. Through this technique, hackers hold your computer hostage by encrypting almost all the data on your device until you pay the ransom amount asked by the hacker. The hackers give you a limited time to pay the ransom, or else they will wipe out the entire data.
This WannaCry attack is similar and takes advantage of a loophole found in Windows. Recently in April, a hacker group known as Shadow Brokers leaked two tools known as EternalBlue and DoublePulsar, which were used by NSA to infiltrate computer networks. The hackers had used these tools along with a loophole in Window known as Server Message Block connections or SMB to propel the attack. The SMB networks are used in computer systems that allow the transfer of data between two trusted computers.
The hackers behind WannaCry hijacks this connection using the EternalBlue, which is then spread to the entire network. The DoublePulsar then creates a backdoor into affected computer system, allowing hackers to encrypt all the data present in the computers secretly. Further, WannaCry hackers are demanding a $300 from the victim in bitcoins to decrypt the files. If the user does not pay the ransom in three days, the amounts double to $600. Moreover, if one still refuses to pay, then the hackers delete all the encrypted files after seven days.
Who are all affected by WannaCry?
According to multiple reports, hundreds of thousands computers in 150 countries have been hit by the ransomware attack. In India, it is speculated that more than 40,000 computers have been affected by the assault, and the recent one is the attack on the Tirupati temple in Andhra Pradesh, which is one of the richest Hindu shrines in the world. Technically, anyone who is connected to the internet can and will be affected by the WannaCry ransomware. However, the majority of the victims are those users who continue to use an older version of Windows including Windows XP, Windows 8 and Windows 7.
How do I protect myself?
First of all, if you are running a Windows-powered PC, then make sure that your Windows is updated to the latest software update. Secondly, you should probably start backing up all your sensitive data on an immediate basis, so even if the ransomware has attacked your computer, your data will be saved. Thirdly, avoid opening any link from a suspicious-looking email.
Is the attack over?
No. Although, the first wave of attack was halted by a researcher from MalwareTech with a kill switch, but the hackers have been able to deploy a newer version of the WannaCry malware known as WannaCry 2.0. The improved version cannot be stopped with a first kill switch, and multiple reports suggest that the new version does not have this kill switch.
What to do if my computer is affected with WannaCry?
Sadly, there is no fix available at the moment to stop this ransomware attack. Many antivirus companies and cybersecurity experts are burning the midnight oil to find some alternatives to decrypt files on the infected computers. However, there is no third-party decryption available at the moment. Interestingly, many experts believe that wiping your machine and restoring your data from backups is one way to recover from this attack. However, if you do not do regular updates and sadly, there is nothing one can do.