What is WannaCrypt ransomware, a.k.a. “WannaCry”? It is malware that takes advantage of an old vulnerability in the Windows operating system. If you are someone who regularly updates your Windows operating system, then you should be relatively safe. However, no antivirus software can prevent users from opening emails that have attachments with malicious intent. The good news is that it can be avoided. The bad news, though, is that it can spread like wildfire once it infects any of your “unpatched” network-connected PCs. Read along to know more.
WannaCrypt ransomware was initially presumed to have spread using e-mail phishing techniques. However, researchers and security experts later confirmed that the vulnerability lies in the older SMB protocol standard. That is, if your computer is exposed to the internet with an open SMB port (SMBv1), specially crafted messages can be used to exploit your Windows operating system. The malware is alleged to use “EternalBlue” to gain access and “DoublePulsar” to install and execute the code. Once a vulnerable system is infected, the malware finds system and data files and encrypts them. When a user tries to access them, it displays a “ransom note” demanding $300 in Bitcoins. Here is what the ransom demand looks like:
As you can see from the screenshot above, the payment is time-bound, and you have roughly a week's time to pay and decrypt the files.
Security experts have strongly recommended against paying the ransom, since it does not guarantee that you will get back your files and data. Since the individual payments are not uniquely identified, there is no reliable way of determining which payment is yours. Unless the decryption is done by manual intervention by someone from the hacking team, it may not work at all.
Let’s be honest. Nobody wants to get their PCs infected with any virus, malware or ransomware. It is a risk, since most of today’s computers are networked with one another. To avoid this, we have collated simple steps that might help you in the long run. They are as follows:
In the end, the users need to be accountable for initiating any malicious activity, knowingly or unknowingly.
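The following is an added example, not part of the original article: a read-only PowerShell audit that a Windows administrator can run locally to see whether a machine still offers the SMBv1 service described above. The function name `Get-Smb1Exposure` and the verdict wording are assumptions made for this example; the cmdlets it calls ship with Windows 8 / Server 2012 and later.

```powershell
#Requires -RunAsAdministrator
# Added example (not from the article): local, read-only SMBv1 exposure audit.
function Get-Smb1Exposure {
    [CmdletBinding()]
    param()

    # 1. Does the SMB server component still accept SMBv1 sessions?
    $serverSmb1 = $null
    try {
        $serverSmb1 = (Get-SmbServerConfiguration -ErrorAction Stop).EnableSMB1Protocol
    } catch {
        Write-Warning "Get-SmbServerConfiguration failed: $($_.Exception.Message)"
    }

    # 2. Is the SMBv1 optional feature still installed on this image?
    $featureState = 'Unknown'
    try {
        $feature = Get-WindowsOptionalFeature -Online -FeatureName SMB1Protocol -ErrorAction Stop
        $featureState = if ($feature -and $feature.State) { "$($feature.State)" } else { 'NotPresent' }
    } catch {
        Write-Warning "Get-WindowsOptionalFeature failed: $($_.Exception.Message)"
    }

    # 3. Is anything listening on TCP 445, and on which local addresses?
    $listeners = @(Get-NetTCPConnection -LocalPort 445 -State Listen -ErrorAction SilentlyContinue)

    # 4. Interfaces on a 'Public' profile are attached to untrusted networks.
    $publicNets = @(Get-NetConnectionProfile -ErrorAction SilentlyContinue |
        Where-Object { $_.NetworkCategory -eq 'Public' })

    $smb1On = ($serverSmb1 -eq $true) -or ($featureState -eq 'Enabled')
    $verdict = if (-not $smb1On) {
        'SMBv1 is disabled on this machine.'
    } elseif ($listeners.Count -gt 0) {
        'SMBv1 is enabled and TCP 445 is listening: disable SMBv1 and install pending Windows updates.'
    } else {
        'SMBv1 is enabled but nothing is listening on TCP 445: disable it anyway.'
    }

    [pscustomobject]@{
        ServerSmb1Enabled = $serverSmb1
        Smb1FeatureState  = $featureState
        Port445Listeners  = ($listeners.LocalAddress | Sort-Object -Unique) -join ', '
        PublicNetworks    = ($publicNets.InterfaceAlias) -join ', '
        Verdict           = $verdict
    }
}

# Remediation is deliberately not automated here; the built-in commands are:
#   Set-SmbServerConfiguration -EnableSMB1Protocol $false
#   Disable-WindowsOptionalFeature -Online -FeatureName SMB1Protocol
Get-Smb1Exposure | Format-List
```

A machine that reports SMBv1 enabled together with a non-empty `PublicNetworks` value is the "exposed to the internet with an open SMB port" case and should be handled first.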
The scale at which this malicious ransomware code spread across the globe can only indicate the dangers that we are in today. The security threat is real, and IT managers and CIOs should take cognizance of this situation. Stay safe. Signing off!