YIBADA

WannaCry Ransomware Attack: What is Known So Far

| May 17, 2017 11:17 AM EDT

WannaCry Ransomware Attack

From Friday a particularly large ransomware attack known as WannaCry has been spreading around the globe affecting hundreds of thousands of computers across over 150 countries. If affected it displays a message notifying the user that their files have been encrypted and locked and demanding that a $300 payment be made to restore them.

While the full spread of WannaCry is still being determined its highest-profile target so far involved computers in the UK's healthcare system - which created a disarray on Friday. Because businesses in Asia were already closed for the weekend at the time of the attack they are only starting to deal with it this week, and there were apparently few cases in the US.

Some of the notable names that have reported to have had their computers affected so far include automobile manufacturers Renault and Nissan, along with Hitachi, PetroChina, and several other firms.

"Where Did WannaCry Come From?"

As of yet no one knows for certain where the WannaCry attack came from and who is responsible for it. Although there have been some theories that have been floated along with a few organizations claiming responsibility for the attack, no proof or verification has been provided.

What is known is that the attack utilized exploits that were stolen from the National Security Agency (NSA) back in April this year. That vulnerability was utilized by WannaCry to infect computers and is what allowed it to spread.

Short of an organization claiming credit and providing proof that they are behind the WannaCry attack, it is likely that the culprits may never be positively identified. While there may be signs that point towards certain groups, confirmation will be difficult to say the least.

"Is WannaCry Still a Threat?"

Effective today, WannaCry is still very much a threat. The initial attack was stymied by a malware expert who found a 'kill switch' in the code and registered a domain name that it called out to stop the spread of the ransomware.

However since then other variants have emerge that have replaced that domain name with different ones, and while efforts are being taken to track down and activate the 'kill switch' in similar fashion - it is still ongoing. It is possible that eventually the 'kill switch' may be removed entirely, making it impossible to stop through that method.

"How to Deal with WannaCry?"

As with all malware, prevention is better than cure and indeed the easiest way to deal with WannaCry it to simply update Windows. Several months ago Microsoft released a security patch that fixed the vulnerability that WannaCry takes advantage of.

Aside from updating Windows, it is worth taking other safety precautions as well such as backing up data, using a PC or Movavi Mac cleaner to remove unnecessary files, utilizing antivirus software, and not accepting files from dubious sources. All in all the risk of WannaCry infecting a computer that is fully updated and secure is next to none - so it is easy to prevent.

Most Popular

EDITOR'S PICK