The World Wide Web has been hit by one of the largest ever cyberattacks dubbed WannaCry, with a reported 150+ countries currently affected by the ransomware attack.
From a vulnerability that was uncovered by the National Security Agency (NSA), WannaCry has now been released by hackers to the web and as at the time of this writing, it is being used to execute one of the most creative cybercrimes the world has ever seen. More than 200,000 computers in the U.S., China, Russia, the UK and over 150 other countries across the globe have been hit by the deadly malware attack.
WannaCry is a ransomware attack, which means that it cripples computer systems and locks up people’s data. It then goes ahead and demands that you pay a ransom or lose whatever data that you have stored on the computer. So far, the most affected are large institutions with huge chunks of data, among them hospitals, telecommunication companies and banks.
So, what exactly is this WannaCry?
As noted, WannaCry, also known as WannaCrypt, is a ransomware attack – an attack that holds your computer’s data captive and demands that you pay a ransom in order to get it back. Once it gets into a computer, it encrypts or rather corrupts all the data stored on the hard drive. After a successful encryption, the malware will display a screen to you with some instructions on what to do in order to gain back access to your data. Usually, money is the target of the persons behind the attack and as such, they threaten to increase the price you need to pay if you take longer until the end of a countdown. When the time ends, which is seven days, WannaCry will destroy all of your data.
Who it targets and how to stay safe
So, now that you know what exactly WannaCry is, you might be wondering if you are vulnerable to this attack. Everyone who is using a Windows PC that has outdated software, including the OS itself, is at a huge risk. Updated software is meant to protect PCs – and mobile phones – from such kind of attacks and if not installed, it means the device and the data stored on it is vulnerable. WannaCry is easy to spread through file sharing systems and it’s probably why the attackers are targeting large institutions whose computers use a shared network.
In corporate institutions, it is usually the IT department that is in charge of sending out security updates over the shared network and sad enough, they’ll probably send them when they feel like. This means that if one computer on this shared network is infected, it’s possible that others on the same network are already infected as well. You can imagine the vast damage this can have in just a matter of an hour or even less.
To stay safe, the only way is to keep your software up to date. This is not just about the operating system itself, it’s also about other applications that are installed on the computer. If you are still using Windows XP, you’ll have to make the switch to at least Windows 7. This is because Microsoft ended the support for XP back in April 2014 and thus it no longer receives security updates that would otherwise protect the PCs from this attack – and others. Windows XP has stayed unpatched for over three years now, which makes it a more convenient choice for the hackers due to its unsecured status.
Another thing to do to avoid this attack is not clicking on links that you don’t know. Also, don’t open suspicious emails (those emails that tell you something about money [offers] that you haven’t worked for) or even click to open files that you haven’t requested from anyone.
But what if already infected?
If your PC has already been hit by WannaCry, sorry mate! So far, the would-be kill switch that had been discovered accidentally has already been patched by the hackers and it’s no longer working. In fact, Heimdal Security researchers say that the hackers have already come up with a variation of the malware dubbed Uiwix.
In short, all infected computers, at least for now, will have no choice but to pay as WannaCry demands, which is about $300. The payment is made via Bitcoin, which is an innovative kind of digital currency that cannot be traced and usually, it’s used for transactions between Dark Web users. You must pay the ransom in three days or else, the price will be doubled. If you go past a few more days, the files will no longer be accessible. If you have regular backups for your computer systems, well, lucky you. According to experts, you can easily do a fresh Windows 7 (and above) installation (format) on the computers and turn to your backup files for a fresh start.
The New York Times notes that the hackers behind WannaCry could end up with more than a billion dollars by the time this whole thing is over. As at the time of this writing, more than $80,000 in Bitcoin currency has already been paid to the hackers and this is expected to rise as the clock keeps ticking. You can also keep track of the payments on your own via this link.
Apparently, Microsoft released an update in March that was meant to protect Windows PCs against such attacks, but as it appears, not so many people have installed this update on their PCs. Even though the tech giant had already stopped releasing security updates to the older Windows XP, the company took an unusual step on Friday last week, rolling out an emergency security update to XP as well as the likes of Windows Vista, Windows 7 and Windows 8 as well – an update whose aim is to protect you against a potential WannaCry attack. Make sure you get it right away.
If you are worried that WannaCry might head your way, you’d be better off with some backups for your data. It’s also that point in time where you might start thinking about getting regular software updates by turning on Windows updates. It’s also recommended that you use updated software applications on your PC. Do make sure to check with your IT department to ensure that all is okay.