What Is Wannacry? What Does WannaCry Ransomware Do?
- Author: Zachary Reyes May 23, 2017,
May 23, 2017, 10:44
If your system is on the recent version of Windows and hasn't been attacked by WannaCry yet, then we urge you to update your system with the available security patch immediately.
The initial attack, known as "WannaCry", paralyzed computers that run Britain's hospital network, Germany's national railway and scores of other companies and government agencies worldwide in what was believed to be the biggest online extortion scheme so far. The cyber attack has also reignited the debate over whether or not governments should disclose vulnerabilities that they discover, instead of stockpiling them to use it to their advantage as and when needed.
Being the software security provider to the recently hacked NHS has not hurt Sophos (SOPH). Microsoft said last month that the vulnerabilities that were exploited had been patched.
"An equivalent scenario with conventional weapons would be the USA military having some of its Tomahawk missiles stolen", attorney Brad Smith wrote on Microsoft's blog. The "Shadow Brokers" group of hackers employs the ransomware for acquiring unauthorized admission into computer owners' data-files as well as lock their access to the owners, guaranteeing to unlock exclusively when a $300 ransom payment is made in Bitcoins. However, he said it's only a matter of time before a malevolent version exists.
"We're talking about the kind of software that controls the infrastructure that underpins our lives, from traffic lights through to sewage flow", said David Murakami Wood, Canada research chair in surveillance studies at Queen's University.
"Hundreds of ATMs being shut down in India is recognition of the fact that the ransomware attack which is happening globally is increasingly also looking at India". That will all protect against ransomware and much more.
Though the WannaCry worm was one of the largest cyberattacks in history, it still might not be enough to shift everyone off old technology. "That's going to be a really vulnerable place to be", Munro said. "We've seen that the slowdown of the infection rate over Friday night, after a temporary fix around it, has now been overcome by a second variation the criminals have released".
"There have been over 700 distress calls by customers in the last few days, following the attack that affected 150 countries". Asked what the company is doing to prevent such exploitations, he cited "basic IT security blocking and tackling".
The full extent of the attack won't become fully clear until people return to their workplaces Monday, for the first time after the attacks.
Prasad further said that the government is in touch with the banking system to reinforce their architecture.
Ryan O'Leary, vice president of WhiteHat Security's threat research center, points out that this weekend's hackers weren't asking for much, usually about $300. The official was not authorized to discuss the private meetings by name and requested anonymity.
Lawrence Abrams, a New York-based blogger who runs BleepingComputer.com, says many organizations don't install security upgrades because they're anxious about triggering bugs, or they can't afford the downtime. Named WannaCry 2.0, this malware is created to be more effective when it comes to targeting millions of users and because there is not a dedicated kill switch created to stop this.
But many users who were infected by WannaCry did not install it.
Microsoft is blaming the US government.
However, proof positive of just how bad the spread of "WannaCry" has been, the company did something it hasn't done in years: released a security patch for Windows XP.
Who are affected by WannaCry?The other is to disable a type of software that connects computers to printers and faxes, which the virus exploits, O'Leary added.
"It's one of those things, in a ideal world, if people were up to date on the patches, this wouldn't be a problem", O'Leary said.