CM02
CM02

May 14, 2017

WannaCry, The Biggest Ransomware Outbreak In History

By: Low Chern Lin

CREDIT: @FENDIFILLE/TWITTER
While most of us is enjoying our Friday night as usual, hackers launched a global-scale cyberattack by spreading a ransomware known as WannaCry, aka WanaCrypt0r 2.0 or WCry. According to Kaspersky Lab and Avast, the ransomeware hits approximately 100,000 computers in nearly 100 countries on Friday. The latest known numbers of affected computers and countries to date are 230,000 computers around 150 countries in total.

Who Is Behind The Ransomware WannaCry?

While the creator of WannaCry has yet to be identified, the blame is put on the cyber gang Shadow Brokers. The gang allegedly stole a hacking tool from NSA and leaked it on an obscure site. Eternal Blue, the leaked hacking tool capable of accessing ALL Microsoft Windows found by WannaCry creator, are then used to spread the ransomware.

Once a computer is infected, the ransomware will start scanning for other devices connected to the same network. By exploiting the vulnerability of Server Message Block (SMB) 1.0/ CIFS File Sharing Support feature, the ransomware can distribute copies of itself throughout the network and infect any device it can find.



What Does It Do and How To Fix It?

Giant corporate, National Health Services, international shippers, etc are among the victims of the ransomeware outbreak. The victims are left with nothing but heavily encrypted files which they can no longer access to. To get back the access to these files, ransom money in the form of BitCoin has to be paid.

As it is impossible to trace a BitCoin transaction, getting the access to the files are not guaranteed after payment. Paying the ransom money are not recommended, as you are financially supporting the hackers this way. You will have to accept the fact that you'll be losing those files for good, take it as a lesson.

What Can You Do To Prevent This?

In response to this, Microsoft has already released the security update patches for the exploits. Although some of Microsoft's update packages can be shady sometimes, but at least it get things fixed.

According to The Hacker News, you can prevent the WannaCry ransomware attack by disabling the Server Message Block (SMB) 1.0/ CIFS File Sharing Support feature. 




Try to make backing up important files regularly to a NAS or cloud storage a habit. It helps to minimize the damage in case if you're that unlucky to get hit by a ransomware. Installing ransomware from reputable software providers to your computers helps to fight off the malware. Acronis, Cyberreason, BitDefender, Kaspersky Lab, Avast, and Sophos among the reputable providers you can look out for.

And last but not least, avoid any shady websites, pirated software, too good to be true deals from your browser pop-up or email. You wouldn't know when you'll get yourself stranded in a ransomware mess, which will truly makes you WannaCry.

TR01