What is WannaCry? How does WannaCry ransomware work?

 

WannaCry is a type of ransomware that infected the National Health Service(NHS) and other organisations across the globe including government institutions in China, Russia, the US and most of Europe. India was among the countries worst affected by the WannaCry attack. NHS England was also the victim of a massive ransomware attack resulting in some patients’ operations being cancelled.

The attack occurred after the USA’s National Security Agency discovered a vulnerability in Microsoft’s software called EternalBlue. This exploit was leaked by a hacker group called the Shadow Brokers earlier this year but the vulnerability was patched by Microsoft as soon as it happened.The problem comes from older versions of Windows or those without Windows Updates, as these were not patched by Microsoft and were left open to attacks. Russia and India were hit particularly hard because Microsoft’s Windows XP-one of the operating systems most at risk- was still widely used in these countries.

Let us know something about Ransomware before we begin to know about WannaCry.



What is Ransomware?
Ransomware is a malware that stealthily gets installed in our PC or mobile device and holds our files or operating system functions for ransom. It restricts the user from using their device and from accessing their files and demands that the victim has to pay some ransom within three days and if the user fails to do so then WannaCry will delete all of the encrypted files and all data will be lost.

What does a Ransomware attack look like?
Ransomware targets our pictures, documents, files, and data that are personally invaluable.
We can tell that we are under attack when we see any of the following:

What!?! There are several ransomware types?
Yes. Ransomware has shaped into different forms as it incorporates people’s computing habits and use recent technologies. There are two types of ransomware –

How does WannaCry work?
WannaCry works by encrypting data on a computer that has been infected and then tells the user that their files have been locked and displays information on how much is to be paid and when payment is taken through Bitcoin(a payment medium).



Is your computer vulnerable?
If you are running an older version of Windows that is no longer supported by Microsoft, you will be vulnerable to WannaCry, according to Microsoft’s blog. This includes Windows 8 and Windows XP which the majority of NHS England trusts are using.
But if you are using Windows 10 or any of the other version such as Windows Vista, Windows 7 and Windows 8.1 systems, you’ll be protected as long as your automatic updates are enabled.

When can a ransomware attack start?
Potential victims can fall into the ransomware trap if they are:

Prevention :

How big is the ransomware problem?
Ransomware is a global problem. The US, Italy, Russia, Korea, and Spain saw the most ransomware encounters in 2016.

After exploding in the past couple of years, ransomware encounters seem to have begun to decline. However, this trend is not a reflection of the email and exploit kit campaigns that try to install ransomware on computers. All in all, millions of computers still encountered ransomware in 2016.
In 2016, over 200 ransomware families were tracked. Over half of these families were discovered only in 2016, which means that cybercriminals are constantly releasing new ransomware in the wild.