Many of you must have already heard about the latest cyber attacks that have affected more than 100 countries. The attack is a ransomware known as WannaCry, WannaCrypt, WanaCrypt0r 2.0 or WCry and targets computers with Microsoft Windows only. Started two days ago (May 12, 2017) – the attack has infected more than 200,000 computers already targeting individuals and organizations all across the world. National Health Service which had to turn away some non-critical patients due to non-functioning computers/system in United Kingdom is among the biggest victims of the attack. Other big names among the victims included German train network Deutch Bahn, Auto-manufacturers Nissan & Renault, Sapnish telecom company Telefónica, American courier delivery company FedEx & Russian Interior Ministry.
Until now there’s no information on which key organizations were attacked in MENA countries but the interactive map show that all the MENA countries were indeed attacked. Jordan, Morocco & Saudi Arabia being the biggest victims.
Ransomware is nothing new. The first documented case of a ranomware appeared as early as 2005 in the United States. Its a malware that locks your computer, cellphone or any other device. The attackers take control of your computer and block your access to the files in it with a screen or desktop background showing you a way to pay them and until you do that, the access cannot be restored. It’s normally done by having victim click on a link or download a file. Once you do that, the hackers gain access to your system and launch the attack which results in encryption of all the files on your computer or network.
What is WannaCry?
WannaCry is a specific ransomware program that was allegedly started by National Security Agency (NSA), military intelligence organization of United States by the name of EternalBlue. Last month, EternalBlue’s code was stolen and released by a hacktivist group. Now someone took that code, made few changes in it and launched it as WannaCry. It locks all the files on computer except the WannaCry file itself and the instructions on what user can do next to get the encryption key.
When opened, the users can see a screen saying that all their files have been locked/encrypted and gives them instructions on how they can pay a certain amount to get the encryption key which will unlock all their files. The hackers accept payment in bitcoins only (as there’s no way to track it) so they also tell you where and how can you buy bitcoins. Very thoughtful of them, actually. Oh yes, they also give you a deadline by which you must pay or your files will be deleted and the malicious software comes in more than 30 different languages so if you don’t understand English, you can choose a different language from the dropdown to understand instructions.
It is being spread through emails mostly. Users click on attachments in the email or open a link in it and the attack is launched.
Think of it as a kidnapper who has kidnapped all your files and is now asking you for money in form of gold coins. To help you, he also tells you where or how can you buy these gold coins and yes he speaks more than thirty languages.
How can you protect yourself?
To start with, do the basics right.
- First things first. Always keep a backup of all your files or atleast the important files in cloud or another system. Its not really an option anymore, it has become a must.
- Don’t open any link or attachment that comes from a source you’re not familiar with or you don’t trust. Be extremely careful with this. Read the complete email address, verify the domain and ensure that the email is genuine before you click on any link in it.
- Keep your windows updated.
- Don’t. Don’t even think about downloading anything for a source you don’t trust. It not worth taking the risk. Definitely not.
- Antivirus may not necessarily solve the issues but it is definitely critical to have one on your computers
That’s about it. If you do these things right, the chances of you ending up as a victim of this cyber attack are almost zero.