Ransomware

Introduction

Ransomware is a type of malicious software designed to block access to a computer system. The ransomware discussed here is named WannaCry. As technology advances, viruses, malware and other harmful programs are developing along with it. With the passage of time we hear about new virus attacks over the Internet. Nowadays the WannaCry ransomware is in the news for its attacks.

WannaCry ransomware

Ransomware is a type of malware that prevents or limits users from accessing their system, either by locking the system's screen or by locking the users' files unless a ransom is paid.

The WannaCry ransomware attack has hit about 150 countries globally, including Russia and the US. In India, five or six isolated instances have been reported in states like Gujarat, Kerala and West Bengal, though any substantial disruption to the country's IT backbone has been denied by the IT Secretary Aruna Sundararajan.

WannaCry encrypts the files (user data files) on an infected system with a code, and forces the user to pay money to get the decryption code. The ransomware uses Bitcoin, Amazon gift cards and iTunes cards to collect the payment. But there is no guarantee that the user will get the decryption key after paying the ransom.

Attacks have been continuously increasing since Friday, May 13. As already mentioned, the ransomware has hit about 150 countries globally. The good news for India is that there has been no major report, i.e. none from a major sector.
What is abominable is that the criminals tampered with the systems of public health services — particularly the NHS of the UK.

How do they attack?

The intrusion was a phishing attack: persuading a user to open a mail sent by a motivated intruder, a mail which, on the face of it, appears to be from a genuine and authorised source, so the user may open it. It was the result of a malware (WannaCrypt 2.0) assembled not at one place, but in several centres across the globe.
So we advise our users not to open any unknown mails, which may carry WannaCrypt.

Advice

  • Don't open any unknown e-mail. If you did, then don't download attachments or click on links given inside.
  • Don't surf any website that provides cracks; that may crack your back.
  • Don't surf any website that seems to be unsafe.

They send a mail that may carry a link or even the virus itself, and the user may download it. In such a case, the immobilisation of a system is invariably caused by the encryption of files, folders and drives, and it takes a while for the victim to realise he/she has been attacked.

The fears are subsequently confirmed by messages demanding a specified ransom for releasing the system.

The attack was launched by a group styled Shadow Brokers (whose exact identity is yet to be unravelled). The ransom demanded in each instance was $300, to be paid in Bitcoin, a digital currency which renders the beneficiary anonymous and difficult to locate. One rough estimate is that the ransom-seekers will eventually net $1 billion, and that they have already received about $33,000 as of the weekend.

There are two aspects to the outrageous attack that are worrisome.

The first is that the holes in the older version of Windows were known to Microsoft for quite some time, but it did not do much to patch them up, except for customers who paid to remove the deficiencies. Then there is the other theory that customers who were aware of the risk did not bother to act because of the costs involved and the problems related to adapting to upgrades.

Security Concern:

Perhaps the graver of the revelations surfacing now is that the malware was possibly stolen from a stockpile of weapons which the National Security Agency (NSA) had built up over the years as a counter-offensive to cyber-attacks on the US and its allies by nations such as Russia, China and North Korea.

Justifying this, certain sources allege that, since last summer, Shadow Brokers had started posting online certain tools they had stolen from the NSA ‘armoury’.

This is a serious insinuation that, if proved, could trigger international condemnation of the US and its spy agencies. It revives memories of Stuxnet, a worm that both the US and Israel used against Iran’s nuclear programme more than five years ago. While there is no corroboration to the charge levelled against the NSA, it is interesting that a few former intelligence officers have taken the stand that the tools used in the latest episode were indeed from the NSA’s ‘Tailored Access Operations’.

Remedies:

The question is whether anything can be done to predict or prevent a similar attack. There is marked pessimism here. Repeated exhortations not to open attachments received from unknown sources have fallen on deaf ears. The advice to opt for complex passwords and not to share them with anyone has met with the same fate.

Conclusion:

"An eye for an eye will make the world blind" were Gandhiji’s wise words. Countries should tread a careful path, especially in a field with such large implications. The only way is to minimize damage through encryption of vital, if not all, data in the hardware or system. There is no case for despair. But there is certainly one for prudence and caution in day-to-day handling of systems and data.