
Wannacry 101 Ransomware Cyberattack on Computer System


WannaCry is a ransomware cyberattack on computers running the Microsoft Windows operating system. It encrypts data and demands payment in Bitcoin cryptocurrency to decrypt it. The attack began on 12 May 2017, affecting nearly 230,000 computers in 150 countries at once.

It is the biggest malware attack the world has witnessed in recent times. Older Windows software such as XP and Windows Server 2003 was vulnerable to the attack. It affected banks, telecom companies, airports, hospitals and infrastructure service firms. Governments across the world, including India, will educate users about the ransomware so that they can take remedial steps to counter attacks like this. According to experts and officials, not installing regular software updates is the primary cause of such malware spreading. WannaCry propagates using EternalBlue, an exploit of the Windows Server Message Block (SMB) protocol.

Users affected by WannaCry in India saw an English version of the malware's user manual, which describes how to make the payment to unlock the encrypted files.

CERT released a list of file extensions affected by the WannaCry ransomware attack. The list includes commonly used office file extensions – .ppt, .doc, .docx, .xlsx, .sxi; archive and media files – .zip, .rar, .tar, .bz2, .mp4; database files – .sql, .accdb, .mdb, .msg, .dbf, .odb; virtual machine files – .vmx, .vmdk, .vdi; etc.

What Steps Can Be Taken to Prevent Ransomware Attacks?

  1. Email Accessibility – Never open or execute files attached to suspicious emails.
  2. Account Accessibility – Do not use an administrator account for your daily work in apps. Use limited-privilege accounts, such as a guest account, so that nothing unknown has the privileges to execute. Review active and inactive accounts regularly.
  3. Application Updates – Uninstall all outdated or unused apps and plugins. Keep your plugins, applications and OS updated.
  4. Backups – This is the most used remediation for ransomware-type attacks. Keep at least two backups of the vital data on your computers, using a cloud environment and external hard drives. Alternatively, you can secure backups using SIEM technology.
  5. Antivirus Protection Mechanism – Users can install an antivirus program on their computer to protect the important data stored on it. There are a couple of products available on the market, such as Carbon Black Defense or Sophos Intercept X, which are helpful in that they act as a firewall, ensure endpoint protection and detect any spontaneous encryption.
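
The following Python audit is an added example, not code from this article or from CERT. It applies step 4 to the file extensions listed above, reporting every such file that has fewer than two byte-identical backup copies. The function names, the folder layout (`data`, `cloud`, `disk`) and the sample files are assumptions constructed for the example.

```python
import hashlib
import tempfile
from pathlib import Path

# Extensions quoted in this article (a subset of the CERT list).
TARGETED = {".ppt", ".doc", ".docx", ".xlsx", ".sxi", ".zip", ".rar", ".tar",
            ".bz2", ".mp4", ".sql", ".accdb", ".mdb", ".msg", ".dbf", ".odb",
            ".vmx", ".vmdk", ".vdi"}
REQUIRED_COPIES = 2  # "at least two backups" from step 4

def sha256_of(path):
    """Hash a file in chunks so large VM images do not exhaust memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(1 << 20), b""):
            digest.update(chunk)
    return digest.hexdigest()

def audit_backups(source_root, backup_roots):
    """Return {relative path: verified copies} for files short of the requirement."""
    source_root, gaps = Path(source_root), {}
    for path in sorted(source_root.rglob("*")):
        if not path.is_file() or path.suffix.lower() not in TARGETED:
            continue
        rel, want = path.relative_to(source_root), sha256_of(path)
        # A copy counts only if it exists and is byte-identical to the source.
        copies = sum(1 for root in backup_roots
                     if (Path(root) / rel).is_file()
                     and sha256_of(Path(root) / rel) == want)
        if copies < REQUIRED_COPIES:
            gaps[rel.as_posix()] = copies
    return gaps

def demo():
    with tempfile.TemporaryDirectory() as tmp:  # constructed sample data
        src, cloud, disk = (Path(tmp) / n for n in ("data", "cloud", "disk"))
        for d in (src, cloud, disk):
            d.mkdir()
        (src / "ledger.xlsx").write_bytes(b"q1 figures")    # two good copies
        (src / "hr.sql").write_bytes(b"CREATE TABLE t;")    # one copy is stale
        (src / "lab.vmdk").write_bytes(b"disk image")       # never backed up
        (src / "notes.txt").write_bytes(b"not in the list")  # ignored
        for d in (cloud, disk):
            (d / "ledger.xlsx").write_bytes(b"q1 figures")
        (cloud / "hr.sql").write_bytes(b"CREATE TABLE t;")
        (disk / "hr.sql").write_bytes(b"CREATE TABLE old;")
        return audit_backups(src, [cloud, disk])

if __name__ == "__main__":
    print(demo())
```

A copy that differs from the source is counted as missing, so a sudden jump in reported gaps across many files can also mean the source files themselves changed in bulk.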
