Your Tech Story

The Impact Of WannaCry Or WannaCrypto Ransomware

WannaCry or WannaCrypto ransomware attack took the world by storm this year taking down more than 230,000 computers within a day! The attack was reported on 12th May, 2017 and since then, the malware has spread globally affecting organizations, banks and services all over the world. NHS or British National Health Service has been compromised due to the attack. They are not even able to accept patients or perform operations due to the damage done to their systems. Starting with NHS the attack didn’t stop there. Other companies affected by the attacks included the Spanish telecommunications company, Telefonica, Gas Natural and electricity provider Iberdrola. Add FedEx in the U.S. and Renault in France to the list as well.

Those who still don’t know, Ransomware is a malware that causes data unavailability either by completely locking a computer or encrypting a part of the data storage. All this in order to pull a ransom out of your pockets in exchange of providing the access again. But, there is no guarantee whatsoever that you are going to get your confidential data back once you pay the money, which makes it even more haunting.

WannaCry affects PCs in a similar fashion. When it successfully hacks the storage, that is within seconds, a pop up comes up demanding a ransom of $300 in Bitcoins to restore access. The payment has to be done within three days of the attack or the amount doubles. That said, if one fails to pay even in a week’s time, data is permanently deleted, according to the pop up.

Recently came into light, WannaCry was first reported in March being leaked from NSA (National Security Agency), USA. It utilizes a flaw in Microsoft OS (named EternalBlue) discovered by NSA which hackers converted into a ransomware. Although, Microsoft was quick enough to release the patches for Windows OS, even for the outdated ones to provide overall safety, within the month of March itself, but not everyone was aware of what’s coming and didn’t provide the much-needed update to their system.

According to Microsoft’s president and chief legal officer Brad Smith, government agencies are to blame for the massive cyber attack. He clearly spoke his heart out through a post on Microsoft’s website about it. He wrote:

Finally, this attack provides yet another example of why the stockpiling of vulnerabilities by governments is such a problem. This is an emerging pattern in 2017. We have seen vulnerabilities stored by the CIA show up on WikiLeaks, and now this vulnerability stolen from the NSA has affected customers around the world. Repeatedly, exploits in the hands of governments have leaked into the public domain and caused widespread damage. An equivalent scenario with conventional weapons would be the U.S. military having some of its Tomahawk missiles stolen. And this most recent attack represents a completely unintended but disconcerting link between the two most serious forms of cyber security threats in the world today – nation-state action and organized criminal action.

As of now, a so called “kill switch” has been discovered accidentally, by a cyber security specialist, which has halted the spread, but that’s not the end in any sense. Ransomware attacks form a really good business by the way (if you got the skills) and people are willing to pay for their private data. Considering how convenient it has become to launch an attack like that in this era of internet, there will be many more ransomware attacks in near future. Coming to prevention, it’s the same for any virus attack and most probably you know what you have to do to stay protected. Don’t be lazy! Take the measures and remain safe.