Wannacry ransomware attack is the largest cyber attack occurred in recent years.It Infected more than 2,00,000 systems in 150 countries.It has spread very fast until a researcher found its KillSwitch and halt its spread.
It is too dangerous because it starts spreading between systems like a worm it infected around 75,000 systems within 24 hours.It is also a big privacy concern that the data present on the victim's system can be sold on Darkweb.A report says that 56 crore Ids and passwords found on an anonymous database .
Tip2: Install Windows Update MS17-010 released by Microsoft on 14th March 2017
Tip3: Do not click any suspicious links from emails, google docs or anywhere on the internet.Update your system even if you're using an unsupported operating system like windows XP,7 Microsoft has released the patch for those systems too.
Emergency Press release about Wannacry
Best moral should be learned from this attack is always keep your operating system and antivirus system up to date.
What is WannaCry ?
It is a ransomware a kind of malware tool which is also known as WannaCrypt,WannaCryptor 2.0,Wanna Decryptor 2.0.How does it work?
It encrypts files in victims system and demands money for its recovery.It uses an exploit named Eternalblue which functions by a vulnerability in windows system which was avoided by a patch released on march 14th.But many people has not yet installed the patch.So the attack infected a large number of systems across the globe.
How dangerous it is?
It is too dangerous because it starts spreading between systems like a worm it infected around 75,000 systems within 24 hours.It is also a big privacy concern that the data present on the victim's system can be sold on Darkweb.A report says that 56 crore Ids and passwords found on an anonymous database .How does the spread of attack halt?
The spread of attack was stopped by a cyber security researcher who accidentally found its Kill Switch.No.of systems infected till now?
Total 2,93,000 systems was infected with this malware as on 18 may according to IntelMalwareTechWho is behind this attack?
It is still a mystery that who is behind this attack.But few google researchers finds link between Wanna cry attacks and north Korea
How can we prevent it?
We can Prevent it with these three measures stated below
Tip 1: Disable windows SMB feature which will be enabled by default.
Go to control panel >Programs >Programs and features>Turn Windows features on or off>SMB V1.0/CIFS file sharing support
Go to control panel >Programs >Programs and features>Turn Windows features on or off>SMB V1.0/CIFS file sharing support
Tip3: Do not click any suspicious links from emails, google docs or anywhere on the internet.Update your system even if you're using an unsupported operating system like windows XP,7 Microsoft has released the patch for those systems too.
- Indian CERT:http://www.cyberswachhtakendra.gov.in/alerts/wannacry_ransomware.html
- US-CERT: https://ics-cert.us-cert.gov/sites/default/files/FactSheets/ICS-CERT_FactSheet_WannaCry_Ransomware.pdf
- Microsoft: https://answers.microsoft.com/en-us/windows/forum/windows_10-security/wanna-cry-ransomware/5afdb045-8f36-4f55-a992-53398d21ed07
Best Security practices to prevent any ransomware attacks in future:
- Don't open email attachments even if it looks genuine .Better ask the email sender whether he sent it because malware can compose emails without the user's knowledge.
- Keep your Antivirus updated
- Keep the operating system up-to-date (Its better to enable auto updates )
- Take regular backup of all sensitive and critical data.
Best moral should be learned from this attack is always keep your operating system and antivirus system up to date.