Beginning on Friday, May 12, 2017, organizations across the world were hit by a cyberattack called WannaCry.
The way it works is that once it infects a computer, it encrypts – or basically scrambles – all the data.
WannaCry is a type of trojan virus called ransomware.
Microsoft and the NSA have each been blaming the other for the ability of WannaCrypt to utilize a vulnerability in SMBv1 to spread.
The exploitation of EternalBlue, suspected to have been developed using a hacking method leaked from US National Security Agency, allows the malware to spread through file-sharing protocols set up across the internal networks of organisations, many of which criss-cross the globe, according to Financial Times. Also, Microsoft has released a patch for Windows XP and its server counterpart Windows 2003.
You may want to consider turning on automatic updates from Microsoft Windows. Playing with fire finally caught up with the victims.
He stressed that consumers also have a pivotal role and must not be complacent. Microsoft requires Windows 10 customers to automatically update their computers, but some people with older PCs disabled automatic updates.
USA package delivery giant FedEx, European vehicle factories, Spanish telecoms giant Telefonica, Britain’s health service and Germany’s Deutsche Bahn rail network were among those hit.
In Britain, where the virus first raised global alarm when it caused hospitals to divert ambulances on Friday, it gained traction as a political issue just weeks before a general election.
“NSA should be embarrassed – they’ve had a lot of damaging leaks”, said James Lewis, a former USA official who is now a cyber expert at the Center for Strategic and International Studies. Microsoft released a software update in March that protects against this vulnerability, but we’ve since learned that many people did not update their computers. Those who hadn’t installed those patches before the “WannaCry” outbreak now have another reminder of how crucial it is to stay up-to-date.
Apple’s Mac computers were not targeted by this ransomware attack so are clear.
The report said that in China, more than 29,000 IPs were infected by the virus from Friday to Saturday, most of which were universities, hospitals, transport systems and companies. (These are the most important patches that the company recommends users install immediately).
Government departments also needed to back up their data, he said. Use a reputable security software to prevent attacks in the future.
So should I pay these hackers to make the problem go away?
According to the researchers at Heimdal Security, hackers have upgraded the ransomware, and it is now popping up without the Achilles heel – carrying the name Uiwix. Patched computers carry a much lower risk of being infected by malware or ransomware than those without an update.
Large companies and government agencies, including Megafon, the second biggest mobile provider in Russian Federation, worldwide shipping company Fedex, and the National Health Service, Britain’s national healthcare administration, were among the more high-profile victims of the attack, dubbed “WannaCry”, on Friday.
Over the weekend, the spread of the malicious code was slowed by the accidental discovery of a killswitch within the malware itself – but it’s still out there, and could be replaced by an enhanced version at any time.