Wannacry Virus
0 likes•402 views
The WannaCry ransomware virus infected over 200,000 organizations in 150 countries, crippling many hospitals and other organizations. It exploited a vulnerability in Windows to encrypt files and demand ransom payments in bitcoin. While a "kill switch" was discovered that stopped the spread, many systems already infected could not be recovered without paying ransom. It highlighted the need to keep systems updated and have backups to prevent future attacks.
![Wannacry Virus: Alarming News for the World
Introduction:
Ransomware, recently a common name heard in the
world cyber news. The WANNACRY
RANSOMWARE ATTACK has quickly become
the worst digital disaster to strike the internet in
years, crippling transportation and hospitals globally
[1]. The ransomware virus name is ‘WANNACRY’.
There are reports of infections in 99 countries,
including Russia and China. Among the worst hit was
the National Health Service (NHS) in England and
Scotland. This is one of the recent cyber-attack that
affects the world greatly. The expert says it is a
warning call for the world [2].
What is wannacry?
Wannacry is kind of ramsomware. Where the virus
attacks the system and block it functional activity.
The virus attacks the world in Friday. It mainly
attacks the windows based system. There are many
kind of the virus like WannaCrypt. The virus mainly
attacks the system and locks the file the user wants to
access. Then it requires a password to access the file
data. The hacker group demand ransome for the
password. Usually the demand is fulfilled by Bitcoin.
Bitcoin is mainly an online based currency. It is
mainly a digital currency of payment without giving
any fee. Some company encourages the bitcoin
system by giving interest over transaction. The virus
not only attacks the user pc but also it attacks the
mobile phone, tab, and laptop also. Ransome is kind
cyber-attack where the hacker took control over the
pc and demand money from the user.
Impact of wannacry:
The wannacry ransomware forced the hospital to turn
away their patient in UK. It also attacks more than
200,000 organisations in 150 countries across the
world. In the UK, the major assault hit 47 NHS trusts,
leading to operations being cancelled and patients
turned away from A&E[3]. Systems at British
Hospitals, Germany’s national railway, Spain’s
biggest phone company and even Fed Ex in the
United States have been victimized by the virus that
demands corporations and individuals pay a ransom
to regain files that have been encrypted by the
attacker .
How did the cyber-attack found out?
The virus was first notice on Friday. Then it quickly
spread the world. In UK the computer system in
medical goes down one by one. The NHS staff notice
a screenshot of demanding 300$ in bitcoin for access
in each computer and the staff cannot access the files
data. Immediately after that several incidents were
reported throughout the Europe. In Russia a bank,
railway system, mobile network systems were
affected. The interior ministry in Russia said that
1000 of their computers were affected but no
sensitive data were reported stolen. In Spain a major
mobile network system and natural gas distributor
computer system were attacked. In US Delivery
Company FedEx is attacked.
How does it attack the system?
This virus is hidden within document file, PDF and
other type of file system. First of all it attacks via
opening unsecure link. By opening an affected
document it attacks the user system. When the
affected user sent email to another user thus the virus
spread and it also open a backdoor in the system for
further attack. It also takes control over user system
and show massage to give ransom for the access over
the system. It mainly attacks older version windows
operating system and some newer ones also. The
virus attack those system which software in not
updated or who uses unsecured software. The
company or organization uses this kind of system or
software is at risk being attacked by ransomware. The
creators of wannacry are still unknown. The
government and their security are failed to locate the
responsible group for the attack. But the security
expert confirmed that whoever responsible for this
attacks it’s their second attempt. The previous
version of wannacry is WeCry. It asked the user for
177$ worth bitcoin to access in their system in that
time. In the past a user can take control over the
system by giving 300$ bitcoin. But there is no
guarantee that this time it will happen also.](https://image.slidesharecdn.com/assignment-170806164220/85/Wannacry-Virus-1-320.jpg)
![How to prevent yourself from attacking:
The hackers mainly attack the system by
exploiting the flaws in windows operating
system. WannaCry leverages CVE-2017-
0144, a vulnerability in Server Message
Block, to infect systems. The security flaw
is attacked using an exploit leaked by the
Shadow Brokers group—the “EternalBlue”
exploit, in particular. Microsoft’s Security
Response Center (MSRC)
Team addressed the vulnerability via MS17-
010 released March, 2017[4]. Microsoft
assume about this kind of threat so they
update a patch file a month ago. So to
prevent the system from attacking your
operating system must be up to date.
The best protection for this kind of attack is
to maintain a backup for your file. So if the
system is attacked you can run your system
from the backup.
You must use latest antivirus and anti-
malware tools for prevention and scan your
system daily basis for protection in your
computer and mobile phone.
The most common way of spreading virus
is visiting affected websites and opening
contained email. It also spread by displaying
malicious advertise and downloading bad
program or application. So the user must
prevent him from doing this.
Another way of preventing is that scans a
file before downloading and block secret
installation and check for malware in your
system.
Do not use unauthorized device and network
for login into your account. Do not use any
kind of password reminder tools and also
use long and hard password for your system.
Use ad blocker for preventing any pop up
advertises.
Do not give your credit and financial
information to any unrecognized websites.
Update Windows firewall system and
detection.
Conclusion:
Finally some good news, while working on the virus
MalwareTech that the programmer who build
Ransomware cheak a certain website every time. The
expert become curious about it and checks the
domain of the website. MalwareTech programmers
find out that the domain is unallocated to they spend
10.69$ to buy the domain and shut the URL. As it
turns out that as long as the domain is sealed the
spread of wannacry is blocked. The expert named this
as a kill switch for the spreading of the virus. But the
system who are already affected by the virus is
doesn’t do any good for them.
Reference:
[1] " Cite a Website - Cite This For Me". Wired.com. N.p., 2017. Web, 18 May 2017.
[2] "Massive Ransomware Infection Hits Computers in 99 Countries - BBC News". BBC News. N.p.,
2017. Web. 18 May 2017.
[3] McGoogan, Cara, James Titcomb, and Charlotte Krol. "What Is Wannacry and How Does
Ransomware Work?". The Telegraph. N.p., 2017. Web. 18 May 2017.
[4] "Wannacry Ransomware Attack". En.wikipedia.org. N.p., 2017. Web. 18 May 2017.](https://image.slidesharecdn.com/assignment-170806164220/85/Wannacry-Virus-2-320.jpg)
Wannacry Virus
- 1. Wannacry Virus: Alarming News for the World Introduction: Ransomware, recently a common name heard in the world cyber news. The WANNACRY RANSOMWARE ATTACK has quickly become the worst digital disaster to strike the internet in years, crippling transportation and hospitals globally [1]. The ransomware virus name is ‘WANNACRY’. There are reports of infections in 99 countries, including Russia and China. Among the worst hit was the National Health Service (NHS) in England and Scotland. This is one of the recent cyber-attack that affects the world greatly. The expert says it is a warning call for the world [2]. What is wannacry? Wannacry is kind of ramsomware. Where the virus attacks the system and block it functional activity. The virus attacks the world in Friday. It mainly attacks the windows based system. There are many kind of the virus like WannaCrypt. The virus mainly attacks the system and locks the file the user wants to access. Then it requires a password to access the file data. The hacker group demand ransome for the password. Usually the demand is fulfilled by Bitcoin. Bitcoin is mainly an online based currency. It is mainly a digital currency of payment without giving any fee. Some company encourages the bitcoin system by giving interest over transaction. The virus not only attacks the user pc but also it attacks the mobile phone, tab, and laptop also. Ransome is kind cyber-attack where the hacker took control over the pc and demand money from the user. Impact of wannacry: The wannacry ransomware forced the hospital to turn away their patient in UK. It also attacks more than 200,000 organisations in 150 countries across the world. In the UK, the major assault hit 47 NHS trusts, leading to operations being cancelled and patients turned away from A&E[3]. Systems at British Hospitals, Germany’s national railway, Spain’s biggest phone company and even Fed Ex in the United States have been victimized by the virus that demands corporations and individuals pay a ransom to regain files that have been encrypted by the attacker . How did the cyber-attack found out? The virus was first notice on Friday. Then it quickly spread the world. In UK the computer system in medical goes down one by one. The NHS staff notice a screenshot of demanding 300$ in bitcoin for access in each computer and the staff cannot access the files data. Immediately after that several incidents were reported throughout the Europe. In Russia a bank, railway system, mobile network systems were affected. The interior ministry in Russia said that 1000 of their computers were affected but no sensitive data were reported stolen. In Spain a major mobile network system and natural gas distributor computer system were attacked. In US Delivery Company FedEx is attacked. How does it attack the system? This virus is hidden within document file, PDF and other type of file system. First of all it attacks via opening unsecure link. By opening an affected document it attacks the user system. When the affected user sent email to another user thus the virus spread and it also open a backdoor in the system for further attack. It also takes control over user system and show massage to give ransom for the access over the system. It mainly attacks older version windows operating system and some newer ones also. The virus attack those system which software in not updated or who uses unsecured software. The company or organization uses this kind of system or software is at risk being attacked by ransomware. The creators of wannacry are still unknown. The government and their security are failed to locate the responsible group for the attack. But the security expert confirmed that whoever responsible for this attacks it’s their second attempt. The previous version of wannacry is WeCry. It asked the user for 177$ worth bitcoin to access in their system in that time. In the past a user can take control over the system by giving 300$ bitcoin. But there is no guarantee that this time it will happen also.
- 2. How to prevent yourself from attacking: The hackers mainly attack the system by exploiting the flaws in windows operating system. WannaCry leverages CVE-2017- 0144, a vulnerability in Server Message Block, to infect systems. The security flaw is attacked using an exploit leaked by the Shadow Brokers group—the “EternalBlue” exploit, in particular. Microsoft’s Security Response Center (MSRC) Team addressed the vulnerability via MS17- 010 released March, 2017[4]. Microsoft assume about this kind of threat so they update a patch file a month ago. So to prevent the system from attacking your operating system must be up to date. The best protection for this kind of attack is to maintain a backup for your file. So if the system is attacked you can run your system from the backup. You must use latest antivirus and anti- malware tools for prevention and scan your system daily basis for protection in your computer and mobile phone. The most common way of spreading virus is visiting affected websites and opening contained email. It also spread by displaying malicious advertise and downloading bad program or application. So the user must prevent him from doing this. Another way of preventing is that scans a file before downloading and block secret installation and check for malware in your system. Do not use unauthorized device and network for login into your account. Do not use any kind of password reminder tools and also use long and hard password for your system. Use ad blocker for preventing any pop up advertises. Do not give your credit and financial information to any unrecognized websites. Update Windows firewall system and detection. Conclusion: Finally some good news, while working on the virus MalwareTech that the programmer who build Ransomware cheak a certain website every time. The expert become curious about it and checks the domain of the website. MalwareTech programmers find out that the domain is unallocated to they spend 10.69$ to buy the domain and shut the URL. As it turns out that as long as the domain is sealed the spread of wannacry is blocked. The expert named this as a kill switch for the spreading of the virus. But the system who are already affected by the virus is doesn’t do any good for them. Reference: [1] " Cite a Website - Cite This For Me". Wired.com. N.p., 2017. Web, 18 May 2017. [2] "Massive Ransomware Infection Hits Computers in 99 Countries - BBC News". BBC News. N.p., 2017. Web. 18 May 2017. [3] McGoogan, Cara, James Titcomb, and Charlotte Krol. "What Is Wannacry and How Does Ransomware Work?". The Telegraph. N.p., 2017. Web. 18 May 2017. [4] "Wannacry Ransomware Attack". En.wikipedia.org. N.p., 2017. Web. 18 May 2017.