A ransomware called WannaCry began hitting computers and wreaking havoc across the world on Saturday. So far, the number of systems affected is estimated to be anywhere between a hundred and two hundred thousand. Here is what you need to know —
What is ransomware?
A piece of malicious software which takes control of your system and files. Upon taking over, it applies encryption on those files and asks for money for a key that can restore the files. The ransomware often scrambles filenames and changes their extension.
How is the WannaCry ransomware working?
Almost all ransomware takes advantage of a vulnerability in an operating system. Wanna Cry has used an exploit — a piece of bug in the software — to take advantage of Microsoft Windows and take control of thousands of systems, and lock files. The exploit is called EternalBlue and the American National Security Agency (NSA) has been aware of it for some time.
At the moment, the ransom amount demanded to unlock a file is $300, to be paid in BitCoins. The hackers have warned that the ransom amount will go up. WannaCry has a 'worm-like' ability to spread through cyber networks automatically.
Who has been affected?
It was reported on Saturday that almost 75,000 systems have been affected in 99 countries. However, a later report has suggested that the count has gone up to 2 lakh systems in 150 countries, including India. These are mostly systems running an old version of the Windows operating system. Linux and MacOS users have remained unaffected so far.
What are companies doing to mitigate the attack?
Microsoft has already released a patch for the latest Windows 10 operating system which is mandatory to download. For the older versions, such as Windows XP there is little hope. However, a UK-based security researcher has temporarily reinstated some of the affected systems by registering a domain name used in the malware. That step has halted the attack for some time. But the researcher cautioned that the hackers could find a way around this.
Many businesses are preparing against a second wave of attacks by working with cyber-security firms. Some companies, such as car-maker Renault, have halted production for now.
How to keep yourself safe from ransomware?
It is advisable to upgrade to the latest patch of the Windows operating system to be safe against the attack. Additionally, you should make a backup of all important files in your system. Victims who have already been affected are advised not to pay any 'ransom' money as there is no guarantee that their files will be unlocked by the hackers.
The Computer Emergency Response Team of India (CERT-IN) has also issued a security guideline on Wanna Cry.