Things to Know About the ‘WannaCry’ Ransomware Attack
“Despite appearing to be criminal activity meant to raise money, it appears that less than $70,000 has been paid in ransoms and we are not aware of payments that have led to any data recovery”.
Jonathan Sander, chief technology officer for STEALTHbits Technologies, called WannaCry “a Frankenstein’s monster of vulnerabilities with patches and exploits that were stolen from the NSA and published for all to see”. Security experts around the world are still wary about it; they are nearly certain that either new variants of the malware that ignore the kill switch will appear or that similar malwares by copy-cat authors will.
Here are the things we’ve learned so far.
In a statement, the central bank said the consequences of the attack – which it did not detail – had been dealt with quickly.
The WannaCry attack took over computer systems, caused them to freeze, and displayed the message, “Oops, your files have been encrypted!”
Mr Smith argued that in cyberspace, governments should apply rules such as those regarding weapons in the physical world. With cyber-security experts saying that the malware infected at least 45,000 computer systems belonging to Indian organisations ranging from banking to IT services to small retail shops, there’s enough ground to speculate on a possible under-reporting of related incidents. “Eventually, constraints on cyber espionage may be necessary, but these would only work if everyone observed them, and there is reasonable doubt that China and Russian Federation would go along”.
One reason that the attacks were so effective was that systems weren’t updated properly.
Smith said the fact that so many computers were hit with the attacks two months after the release of a security patch shows that increasing cyber security is the responsibility of both tech companies and customers.
WannaCry takes advantage of a vulnerability in Microsoft Windows.
However, not everyone downloaded and implemented the patch, contributing to the fast spread of the malware. “You’ve got to keep your systems updated”. While a newer virus can just come in and override even the latest updates, implementing the latest available patches will still offer more security as opposed to not doing so. The post did not identify other products by name.
“Using outdated versions of Windows that are no longer supported raises a lot of questions”, said Christopher Dore, a lawyer specializing in digital privacy law at Edelson PC.
A deeper look into the Trojan’s eruption reveals a callous disregard on Microsoft’s part for users of its older operating systems. The continuing use of the old OS is one of the conditions that contributed to the spread of WannaCry.
Exploits for operating systems, including Windows 10. Often they don’t even have the awareness that there’s a problem to begin with. For example, a hospital X-ray department using an XP-based machine might need a new version of the software that controls its X-ray machines.
In March, Microsoft unveiled a patch to address the issue, but several users are yet to have their systems updated. “Occasionally mistakes happen”, he added.
Ransomware finds leverage through the value of the information they kidnap.
There is absolutely no guarantee the criminals would give your files back.
Shortly after registering the domain, MalwareTech discovered that “our registration of the domain had actually stopped the ransomware and prevent the spread”. Sometimes, in the case of organizations or institutions employing individuals, the actual device is needed for operations.
Some ransomware does also sometimes targets backup files, though.