A malicious Ransomware dubbed “WannaCry” is wreaking havoc worldwide by spreading quickly due to a number of factors. The global outbreak has till now forced many hospitals in Britain to turn away patients and has also affected corporate organizations such as Telefonica, which is a Spanish telephone company. The confluence of some major technical factors helped the malware spread its reach from one end of the world to the other. “WannaCry” was launched to affect all computers globally.
WannaCry: its function and reach
WannaCry, also known as WCry and WanaCrypt0r 2.0, is a specific type of ransomware that locks the files on a computer and encrypts them in a special way, which debars the user from accessing them.
A ransomware program enters the computer when the user either clicks on a malicious link or downloads any infected content. The program them holds something in lieu of a ransom that the user has to pay in order to gain access to the encrypted data.
In the case of WannaCry ransomware, the program encrypts the files on the affected computer and then demands payment for the same in the form of bitcoins – if the owner wants to regain access. However, according to security experts, there is no guarantee that the owner will be given the access to those files once the payment has been processed. In many cases, even after being paid initially, hackers demanded more money after the first payment to give the victim the encryption key.
The ransomware’s impact
An AlienVault researcher Chris Doman has stated that the ransomware “looks to be targeting a wide range of countries.” Cyber attacks by ransomware hackers have been identified in at least a dozen countries in Europe, United Arab Emirates, Turkey, and Argentina and have also been spotted in roughly eight Asian countries.
Why is it so dangerous?
Although a ransomware program, WannaCry acts more like a worm when it infects a computer. As soon as it gets into one computer system, it starts looking for other connected computers to spread itself. Many of the cyber security firms have stated that the program is exploiting an old susceptibility in the Windows operating system, which Microsoft fixed in its March security update.
However, many times people don’t install these security updates on their PCs, which helps hackers take advantage of the vulnerability.
How to prevent the ransomware from affecting your PC
As of now, cyber security experts have not come up with a decryption key that can be used to recover the encrypted files. However, all experts are advising individuals to apply the Microsoft security patch that fixes the issues as soon as possible. They are also advising the users to back up important data on an external hard drive or an air-gapped system, which is not connected to LAN. It is also advisable not to click on unknown and suspicious links which may carry the viral program.
