Ransomware poate fi mentionat ca virușii care atacă un calculator și a cripta toate fișierele prezente pe hard disk, împreună cu sistemul de operare pe care ruleaza. După criptarea calculatorului, proprietarul acestui calculator este contactat de către hacker care le cere să plătească o răscumpărare în schimbul de a obține computerul lor, împreună cu toate fișierele sale deblocate. De-a lungul anilor, mai multe virusuri au fost văzute solicită răscumpărarea de către lume. Cele mai recente și mai cunoscut dintre ele în această privință a venit la lumină câteva luni în urmă în formă de WannaCry. Cateva detalii despre acest virus sunt prezentate în secțiunile de mai jos.
Partea 1: Ce este WannaCry
WannaCry is a ransomware that was recently introduced in the cyber world. So far it has been the most devastating kind of ransomware viruses we have ever seen. It completely encrypts all the files present on the computer along with the operating system and asks the owner to pay a ransom that may go as high as up to $300. There is no surety about who created this virus but several clues have been tying it to the North Korean hackers.
Part 2: How does it work?
WannaCry works just like any other ransomware. It gets into a computer usually when the user makes a click on the wrong item or ends up downloading the wrong file. When it gets activated, it encrypts or locks everything that is virtually present on that computer. The operating system also gets encrypted up to some extent. After a while, the hacker establishes contact with the computer’s owner and asks them to pay a ransom after which they promise to unlock all the encrypted files.
Part 3: How much are they asking for?
Currently the hackers are asking for a sum of $300 in exchange for decrypting the encrypted files. The amount must be paid through bitcoins as the hackers insist upon it due to its safety and intractability features.
Part 4: Will paying ransom really unlock the files?
When it comes to this, nothing can be said with surety. Sometimes paying the ransom works and the owner gets all of their files back. While on the other hand, in some of the cases it has also been seen that the owners did not get their files back even after they paid the ransom fair and square. So the best course of action in this regard is to secure your computer up to the highest possible levels. Taking a back up of all of your data might come in very handy in cases you get hacked. All you need to do then is to restore your computer to the latest backup and you are good to go.
Part 5: How is the NSA tied into this attack?
Ransomware is so malicious that it has a tendency to spread all across the network after someone using one of the connected computer ends up installing a particular variant of this virus. So in order to accomplish that, WannaCry makes use of a vulnerability present in different variants of the Windows operating system, that is, its loop holes that allow jumping between one PC to another. This weakness has been there for some time now but initially it was identified by the NSA as a result of its illegal surveillance programs. The NSA knew about it for a long time but it was brought to light for the rest of the world in April by ‘Shadow Breakers’, an anonymous group that released a lot of information about the known weaknesses as well as the hacking tools used by the NSA.
Part 6: Was there any defense?
Of course. After a short amount of time when the files were released by the Shadow Breakers, a security patch was released by Microsoft in order to safe guard different variants of the Windows operating system against this kind of vulnerabilities. The patches ensured that the loop hole that enabled the malicious virus to spread from one computer to others got completely closed down. These patches were known to be pretty effective in blocking the effects of different kinds of ransomware viruses especially WannaCry up to a high extent. But due to unknown reasons, several organizations are usually seen pretty slow when it comes to installing the updates offered by Microsoft.
Part 7: How long will this attack last?
Different kinds of ransomware viruses usually have different shelf lives. Overall it is usually much shorter in comparison to other kinds of viruses. Vendors of antivirus programs are also seen to be highly active when such a virus attacks. So they also do their best to deploy anything that might be helpful in taking it down for good. So keeping all of that in mind, it might be said that ransomware viruses usually have shorter lives but we have to do whatever it takes to protect and secure our computers in the meanwhile in order to prevent any unwanted situations.
Keeping in view all the arguments discussed in the sections above, it might be concluded that ransomware are highly notorious viruses that hold our important data for ransom. Over the past few years, the world has seen different kinds of cyber virus attacks that included ransomware as well as other kinds of viruses but we have never seen something as strong as WannaCry. WannaCry has hit the cyber world with full force over the past few months. It encrypts every single file present on a computer along with its operating system and asks the user to submit a ransom in the amount of $300. After the payment of the ransom, sometimes the files get released while other times they don’t. The best approach in this kind of situation is to do whatever it takes to secure your computer. Installing a good antivirus and taking backup of important data is highly recommended in this regard.
