What is WannaCry and how does ransomware work?


The NHS has suffered a major cyber attack that has hit services in many parts of the country, leading to some operations being cancelled and patients turned away from A&E.

The attack appears to have affected a number of organisations in several countries. Ransomware, which demands payment after launching a cyber attack, has become a rising trend among hackers.

36,000 detections of (aka aka ) so far. Russia, Ukraine, and Taiwan leading. This is huge.

What is ransomware?

Ransomware is a kind of cyber attack that involves hackers taking control of a computer system and blocking access to it until a ransom is paid.

For cyber criminals to gain access to the system they need to download a type of malicious software onto a device within the network. This is often done by getting a victim to click on a link or download it by mistake.

Once the software is on a victim’s computer the hackers can launch an attack that locks all files it can find within a network. This tends to be a gradual process with files being encrypted one after another.

Large companies with sophisticated security systems are able to spot this occurring and can isolate documents to minimise damage. Individuals might not be so lucky and could end up losing access to all of their information.
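The file-by-file pattern described above is what behavioural detection looks for. As an added example (not part of the original article), this Python code flags a process that writes near-random content to several distinct files inside a short window; the event format, thresholds, process IDs and paths are assumptions made for illustration.

```python
import math
from collections import Counter, deque

def shannon_entropy(data: bytes) -> float:
    """Bits per byte: close to 8.0 for ciphertext, much lower for plain text."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def detect_encryption_burst(events, window=10.0, threshold=4, min_entropy=7.0):
    """Return {pid: alert_time} for each process that writes high-entropy
    content to `threshold` distinct files within `window` seconds."""
    recent, alerts = {}, {}
    for t, pid, path, written in sorted(events, key=lambda e: e[0]):
        if pid in alerts or shannon_entropy(written) < min_entropy:
            continue
        q = recent.setdefault(pid, deque())
        q.append((t, path))
        while t - q[0][0] > window:      # drop writes older than the window
            q.popleft()
        if len({p for _, p in q}) >= threshold:
            alerts[pid] = t              # point at which to isolate the host
    return alerts

# Constructed sample data (not from a real incident).
CIPHERTEXT_LIKE = bytes(range(256)) * 4   # uniform bytes, entropy 8.0
PLAINTEXT = b"Quarterly report draft, revision 3.\n" * 30
EVENTS = [  # (seconds, pid, path, bytes written); pids and paths are made up
    (0.0, 4120, "docs/a.docx", CIPHERTEXT_LIKE),
    (0.5, 812, "docs/report.txt", PLAINTEXT),      # editor saving text
    (1.0, 4120, "docs/b.xlsx", CIPHERTEXT_LIKE),
    (2.0, 4120, "docs/c.pdf", CIPHERTEXT_LIKE),
    (3.0, 4120, "docs/d.jpg", CIPHERTEXT_LIKE),    # fourth file: alert
    (4.0, 4120, "docs/e.pptx", CIPHERTEXT_LIKE),
    (5.0, 977, "backup/mon.zip", CIPHERTEXT_LIKE), # archiver, slow cadence
    (65.0, 977, "backup/tue.zip", CIPHERTEXT_LIKE),
]

if __name__ == "__main__":
    for pid, t in detect_encryption_burst(EVENTS).items():
        print(f"pid {pid}: rapid high-entropy rewrites, alert at t={t}s")
```

Compressed formats such as ZIP and JPEG are also high-entropy, which is why the check counts distinct files per process over time rather than alerting on a single write.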

Cyber criminals often demand payment in return for unlocking the files. This is normally in the form of bitcoin, the online cryptocurrency.

What is Wanna Decryptor?

Wanna Decryptor, also known as WannaCry or wcry, is a specific ransomware program that locks all the data on a computer system and leaves the user with only two files: instructions on what to do next and the Wanna Decryptor program itself.

When the software is opened it tells computer users that their files have been encrypted, and gives them a few days to pay up, warning that their files will otherwise be deleted. It demands payment in Bitcoin, gives instructions on how to buy it, and provides a Bitcoin address to send it to.

Most computer security companies have ransomware decryption tools that can bypass the software.

It was used in a major cyber attack that affected organisations across the world including the NHS and Telefonica in Spain.

So, WanaCrypt0r 2.0 ransomware (the new WCry/WannaCry) is spreading like hell.
Yesterday’s “massive” Jaff campaign compared to this: small.

In less than 3 hours (even can say less than 2 hours if we count it from the explosion), they got victims already from 11 countries: pic.twitter.com/cKOF4YpVbT


How to protect yourself against ransomware attacks

The best protection against ransomware attacks is to have all files backed up in a completely separate system. This means that if you suffer an attack you won’t lose any information to the hackers.

It is difficult to prevent determined hackers from launching a ransomware attack, but exercising caution can help. Cyber attackers need to download the malicious software onto a computer, phone or other connected device.

The most common ways of installing the virus are through compromised emails and websites.

For example, hackers could send an employee a phishing email that looks like it comes from their boss asking them to open a link. But it actually links to a malicious website that surreptitiously downloads the virus onto their computer.

Downloading a bad program or app, and visiting a website that is displaying malicious adverts can also result in an infected device.

The best way to protect yourself is to be suspicious of unsolicited emails and always type out web addresses yourself rather than clicking on links. Another key defence is antivirus programs that can scan files before they are downloaded, block secret installations and look for malware that may already be on a computer.

Cyber security companies have developed sophisticated defences against the cyber attack, including machines that fight back when they spot hackers in a system.

What to do if you’re a victim – should you pay the ransom?

Victims are advised to never pay the ransom as it encourages the attackers. Even if victims do pay there is also no guarantee that all files will be returned to them intact.

Instead, the best thing to do is restore all files from a backup. If this isn’t possible, there are some tools that can decrypt and recover some information.

How much do hackers demand, and why in Bitcoin?

Ransomware often demands between 0.3 and 1 Bitcoins (£400 – 1,375), but it can also demand a payment denominated in dollars and made via Bitcoin.

The digital currency is popular among cybercriminals because it is decentralised, unregulated and practically impossible to trace.

Although it may seem like a small amount to charge, the ransomware attacks are often widely distributed, so the ransom payments can stack up.

FAQ | Bitcoin

What is it?

A digital currency, used to make payments of any value without fees. It runs on the blockchain, a decentralised ledger kept running by “miners” whose powerful computers crunch transactions and are rewarded in bitcoins.

Who invented it?

Satoshi Nakamoto, a secretive internet user, invented bitcoin in 2008 before it went online in 2009. Many attempts to identify Satoshi have been made without conclusive proof.

What’s it for?

People see value in money free from government control and from the fees banks charge, as well as in the blockchain as a way to verify transactions. Bitcoin has been seen as a tool for private, anonymous transactions, and it’s the payment of choice for drug deals and other illegal purchases.

Is it worth anything?

Yes. As of December 2016, there were around 16m bitcoins in circulation. In March 2017, the value of a Bitcoin, at $1,268, exceeded that of an ounce of gold ($1,233) for the first time.

Source: http://www.telegraph.co.uk/technology/0/ransomware-does-work/