Thursday, July 6, 2017

How to avoid ransomware?

What is ransomware?
A type of virus that infects computers and then either prevents the user from accessing the operating system or encrypts all the data stored on the computer.
The user is then asked to pay a ransom, a fixed amount of money, in exchange for decrypting the files or regaining access to the operating system.

How to avoid ransomware?
- Be careful not to click on harmful links in your emails.
- Be wary of visiting unsafe or unreliable sites.
- Never click on a link that you do not trust, whether on a web page, on Facebook, or in messaging applications such as WhatsApp.
- If you receive a message from a friend with a link, ask them to confirm it before opening the link (infected machines send random messages with links).
- Keep your files backed up regularly and periodically.
- Be aware of fraudulent e-mail messages that use names similar to popular services, such as PayePal instead of PayPal, or that use popular service names with punctuation removed or extra characters added.
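
One way a mail filter could automate the lookalike-name check from the last tip. This is an added example, not part of the original post; the service list, function names and sample addresses are constructed for illustration.

```python
# Added example: flag sender domains that imitate a well-known service name.
# KNOWN_SERVICES is a constructed allow-list; extend it with the domains you trust.
KNOWN_SERVICES = {
    "paypal": "paypal.com",
    "microsoft": "microsoft.com",
    "facebook": "facebook.com",
}


def edit_distance(a, b):
    """Levenshtein distance: fewest single-character inserts, deletes or swaps."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                  # delete from a
                           cur[j - 1] + 1,               # insert into a
                           prev[j - 1] + (ca != cb)))    # substitute
        prev = cur
    return prev[-1]


def check_sender(address, max_distance=2):
    """Return (verdict, service); verdict is 'legitimate', 'lookalike' or 'unknown'."""
    domain = address.rsplit("@", 1)[-1].strip().lower().rstrip(".")

    # The real domain, or a subdomain of it, is accepted as-is.
    for name, legit in KNOWN_SERVICES.items():
        if domain == legit or domain.endswith("." + legit):
            return ("legitimate", name)

    # Otherwise inspect every label except the top-level domain.
    for label in domain.split(".")[:-1]:
        squashed = label.replace("-", "")   # "pay-pal" reads as "paypal"
        for name in KNOWN_SERVICES:
            # Brand name embedded in the label, or only a few characters away.
            if name in squashed or edit_distance(squashed, name) <= max_distance:
                return ("lookalike", name)
    return ("unknown", None)


if __name__ == "__main__":
    for sender in ("service@paypal.com", "service@payepal.com",
                   "alerts@paypal.com.account-verify.example", "bob@example.org"):
        print(sender, "->", check_sender(sender))
```

A service's genuine regional domains must be added to the allow-list, otherwise they are reported as lookalikes.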

News about "WannaCry" Ransomware


On Friday, May 12, 2017, the world was alarmed to discover that cybercrime had achieved a new record. In a widespread ransomware attack that hit organizations in more than 100 countries within the span of 48 hours, the operators of malware known as WannaCry/WanaCrypt0r 2.0 are believed to have caused the biggest attack of its kind ever recorded.

Perhaps more than anything else, this ransomware onslaught is a resounding reminder of security basics, especially when it comes to Microsoft product patching. Those who applied critical Microsoft Windows patches released in March were protected against this attack. Another basic protection is the possession of current, offline backups of data. For ransomware attacks like this one, having a viable backup will enable a successful incident response, leaving attackers high and dry and unable to collect money for their evil doings.

What is WannaCry?
WannaCry, WanaCrypt, or Wcry for short, is ransomware that works like other malware of its type, with a few intricacies that highlight the sophistication of its operators.

First, the malware uses exploits that were supposedly leaked by a group that calls itself “ShadowBrokers.” Leaked exploits very often end up in the hands of malicious actors who use them for their own nefarious purposes, which is what happened in this case.

Second, the malware uses strong, asymmetric encryption, employing the RSA 2048-bit cipher to encrypt files. Using this method is considered relatively slow when compared to symmetric encryption, but it is very strong and virtually impossible to break.

Third, the malware’s architecture is modular, a feature known to be used in legitimate software but also in complex malware projects like banking Trojans. Most ransomware is not modular, but rather simplistic, and carries out its tasks without any modularity. What this means is that the authors behind Wcry are more likely to be a group of people than a single developer, and possibly even one of the organized cybercrime gangs that distribute malware like Dridex and Locky.

Bottom line, we are not dealing with amateurs. This widespread attack is of high severity, and although the vulnerability being exploited by the attackers should have been patched a while back, many organizations have been hit and the count keeps rising.
