Thank WannaCry For Showing Us the Importance of InfoSec
It's been about a week and a half since WannaCry shocked the world. An InfoSec expert explains some basic points of the attacks.
WannaCry ransomware, the global cyber-attack, has been in the limelight since 12th May 2017. This virus has hit organizations in 150 countries. Though the attack slowed after 24 hours of devastation, its effect has not completely vanished. Before we dive into the details of the attack, let’s understand what ransomware and WannaCry are.
Yes, it is. Ransomware means demanding a ransom, in the form of Bitcoin (a cryptocurrency), for access to your own data on your own system. Ransomware is a kind of malicious virus that attacks a computer or a system, encrypts its data, and blocks access to it. Hackers demand a ransom to give you back access to the encrypted data.
Why Do Ransomware Attackers Love Bitcoin?
Ransomware attackers love Bitcoin because it’s digital gold. Bitcoin, invented by Satoshi Nakamoto, is known as a decentralized digital currency as it has no existence in the physical world and it doesn’t have a central bank.
Bitcoin is popular among cybercriminals because it is decentralized, unregulated, and practically impossible to trace. Bitcoin can be exchanged without any intermediary. In other words, users can transfer Bitcoin to another user without the involvement of a bank, credit card company, etc.
Once hackers receive Bitcoin, they can use it in various ways, and they can also exchange it for currency. Blogging platforms like WordPress, retailers like Amazon, and renowned names like PayPal accept Bitcoin.
Where Can You Buy Bitcoin?
Bitcoin can be easily exchanged for currency online. There are websites such as CoinBase and Bitcoin.org, and there are also online sellers who can be reached easily, but be sure to verify from whom you are buying Bitcoin.
WannaCry – the Eye-Opener in the History of Ransomware Attacks
WannaCry, the biggest ransomware attack in the history of cyberattacks, and the first reported by the National Security Agency (NSA), has caused chaos in 150 countries.
WannaCry was the name given to the ransomware attack that took the data of 300,000 systems hostage across the globe and demanded approximately $300 as ransom. This ransomware targeted all kinds of files on PCs, including documents, images, archives, and videos, and encrypted them with 2048-bit key encryption. The encrypted files are given the extension “.wcry” and cannot be opened until the ransom is paid.
Why Is WannaCry the Biggest Cyberattack So Far in History?
It’s massive not just because of the number of PCs and countries it has affected, but also the logical evolution of the attack. The ransomware initially spread through phishing and social engineering attacks. Once a system is infected, the WannaCry virus scans the network for Windows machines and exploits the vulnerable versions of Windows SMB (Server Message Block) that are exposed.
Who Was Most Affected by the WannaCry Outbreak?
So far this malware has made its way into personal computers, as well as organizational and governmental systems.
- 48 UK National Health Service trusts.
- NHS in England and Scotland.
- FedEx in the U.S.
- Telefonica, Gas Natural in Spain.
- Local railway ticket machines in Germany.
- University computer labs in Italy.
- Renault and Nissan car manufacturing plants in France.
- U.S. universities.
- Russian governmental agencies.
- Chinese ATMs.
- Local Authorities in Sweden.
- Dozens of systems in Andhra Pradesh Police Department and other governmental systems in India.
And many more.
Home users are always the FIRST to be targeted for any cyberattacks and for WannaCry they were the easiest because:
- Most home users do not have the support of baseline cybersecurity.
- Most home users use outdated software which is not capable of detecting advanced virus infection.
Why WannaCry Went After Businesses
Businesses were taken as a target with the highest priority because:
- Attackers know that businesses are the best source to generate money.
- Businesses cannot face disruptions so they will be forced to pay the money.
What Are Some Preventive Measures to Take Against Ransomware Attacks?
- First and foremost is to be aware of the latest trends in cybersecurity.
- Always equip your system with the latest antivirus protection.
- Keep your operating system and third-party applications, including Antivirus Software, up to date with the latest patches.
- Turn off macros and ActiveX in Microsoft Office files like Word, Excel, and PowerPoint, etc.
- The crucial one is backing up your data. It is advised to store the backup both in offline storage and online storage. Make sure that these backup devices or services are connected only when they are needed.
- Use antispam protection to be secure from spam or malicious emails. Apart from this, one should be reluctant to open any suspicious attachments. These attachments can be in the form of messages or phishing emails from anyone either known or unknown. So, one should think twice before opening a link.
- Don’t install a browser add-on to block popups, as these may pose as an entry point for ransom/Trojan attacks. And also don’t install unnecessary and untrusted add-ons.
- Deactivate USB/CD auto-play on your PC. Perform virus scans before using any external device.
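Several of the measures above can be checked on a Windows host with a short read-only audit. The script below is an added example, not part of the original article; it covers SMB exposure, patch recency, AutoRun, and Office macro settings, and it assumes Windows 8 / Server 2012 or later, an elevated session, Office version 16.0 registry paths, and a 35-day patch threshold chosen for illustration.

```powershell
# Added example: read-only audit of settings named in the checklist above.
# Assumes Windows 8 / Server 2012 or later, elevated session, Office 16.0.

function Get-RegValue {
    param([string]$Path, [string]$Name)
    # Returns $null when the key or value is absent.
    $item = Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue
    if ($null -ne $item) { $item.$Name } else { $null }
}

function New-Finding {
    param([string]$Check, $Value, [bool]$Pass)
    [pscustomobject]@{ Check = $Check; Value = $Value; Pass = $Pass }
}

$findings = @()

# SMB: the worm spread through exposed, vulnerable SMB; SMBv1 should be off.
$smb1 = (Get-SmbServerConfiguration).EnableSMB1Protocol
$findings += New-Finding 'SMBv1 server disabled' $smb1 (-not $smb1)

# Patching: flag hosts with no update installed recently.
$maxAgeDays = 35   # assumed threshold, roughly one monthly patch cycle
$last = Get-HotFix | Where-Object { $_.InstalledOn } |
    Sort-Object InstalledOn -Descending | Select-Object -First 1
$age = if ($last) { [int]((Get-Date) - $last.InstalledOn).TotalDays } else { $null }
$findings += New-Finding "Update installed within $maxAgeDays days" $age `
    ($null -ne $age -and $age -le $maxAgeDays)

# AutoPlay: NoDriveTypeAutoRun = 255 (0xFF) turns AutoRun off for all drive types.
$autorun = Get-RegValue 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer' 'NoDriveTypeAutoRun'
$findings += New-Finding 'AutoRun disabled for all drives' $autorun ($autorun -eq 255)

# Office macros: VBAWarnings = 1 means "enable all macros"; anything else is safer.
foreach ($app in 'Word', 'Excel', 'PowerPoint') {
    $v = Get-RegValue "HKCU:\Software\Microsoft\Office\16.0\$app\Security" 'VBAWarnings'
    $findings += New-Finding "$app does not auto-enable macros" $v ($v -ne 1)
}

$findings | Format-Table -AutoSize
```

Any row with `Pass` set to `False` points to a checklist item that still needs attention; the macro check reads the current user's settings only, so run it per user profile.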
Thank WannaCry. We Can Now Prepare for the Worst
For some time, security researchers have been warning us about a huge ransomware attack. WannaCry, though its impact is on a large scale, is just a hint of the importance of InfoSec and of the need to focus on it. The ransomware that arises tomorrow in the form of another cyber-attack will be bigger than WannaCry.
Future hacking attacks will be more savage than the current one if preventive measures are not strict.
Moreover, the rate of technological advancement is increasing with time, and it becomes next to impossible to uproot the problem of cyberattacks. So, we should stay alert and be aware of everything we come across on the internet.
Finally, “We need to thank WannaCry for letting us recognize and realize the importance of InfoSec.”