Sunday, 28 May, 2017

What is WannaCry ransomware?

Daniel Roy | 19 May, 2017, 21:01

In April 2016, the Federal Bureau of Investigation published a ransomware explainer that mentioned recent attacks on USA hospitals, along with school districts, state and local governments, and law enforcement agencies. Over 200,000 computers in 150 countries have reportedly been affected, and the BBC traced at least $38,000 paid to accounts linked to the attack.

Q: How many people have been affected by the current strain, WannaCry?

"You have Personal ID info, like social security numbers or home addresses or bank acct info, then you have protected health info, which is HIPAA data, and then you've got cardholder data", he said. "I'm anxious about how the numbers will continue to grow when people go to work and turn their machines on Monday morning".

And that's just a measure of the electronic consequences of WannaCry.

Keep security software up to date.

Britain first raised global alarm when it caused hospitals to divert ambulances on Friday.

Q: Are victims paying the ransom? The ease of stopping the attack suggests the hackers were new to this game.

It's largely a question of resources and attention.

That raises questions about inequality in technology, said Stewart Baker, a former general counsel at the National Security Agency.

With his new statement, Smith seems to be confirming that version of events.

Separately some reports said that ransomware had infected 10 standalone computers of West Bengal state electricity distribution company. "If you need that data back, you're going to pay". The initial attack had started after many offices had closed Friday.

Q: What if I don't have the luxury of fighting the ransomware? We'll get to some tips in a minute.

Who's being targeted for blame?

The ransomware took advantage of a flaw in Microsoft's Windows operating system. And, while the company did issue early fixes for its newer operating systems, patches for older Windows systems were only issued free of charge over the weekend, after the attacks began. "There is this stream of liability that flows from the ransomware attack", he said. As Apple has gained more marketshare, its products have become a much bigger target for attackers.

After a computer is infected, ransomware threatens people with the loss of control and all their saved data if they don't act quickly to pay the hacker, usually in hard-to-trace currency like Bitcoins.

"The operating systems on our computers and software downloads are managed centrally so that regular users can not download executable files from the internet without administrative rights", he said in an email.

Q: Who's behind the WannaCry attack? Here's everything you need to know about it and how experts say you can best prevent future attacks.

"WannaCry", as the ransomware is known, uses a Windows vulnerability originally identified by the NSA, according to security experts. That tool was stolen and made available by the Shadow Brokers, a hacking group that has released several caches of files from the government agency.

"The fact that so many computers remained vulnerable two months after the release of a patch illustrates this aspect". As part of the Digital Geneva Convention, Smith called for "a new requirement for governments to report vulnerabilities to vendors, rather than stockpile, sell, or exploit them".

He likened the situation to what would happen - hypothetically - if the USA military had some of its Tomahawk missiles stolen.

He said, "We take every single cyberattack on a Windows system seriously, and we've been working around the clock since Friday to help all our customers who have been affected by this incident".

How do you protect yourself from WannaCry?

Do not forget to treat unexpected emails with caution, and read up on phishing - one of the most common types of social engineering attacks used by attackers to compromise machines.

There is no legal provision that makes reporting a cyber-breach mandatory for a corporate firm, experts said. Until the public's knowledge of their tools catches up to the frequency with which they use them, attacks on the scale of the WannaCry outburst have the potential to be duplicated more frequently than you'd care to think about.