What is WannaCry Ransomware, how does it attack your computer?

For more than a century now, technological advances have brought the world closer. Technological development has had a strong impact on the way society communicates. Technology by itself is not harmful to the society, but the way society uses technology to achieve specific goals (with wrong intention) is what results into negative impacts of technology on the society.

Best example of it is what the world is facing right now! A global Cyber Attack.

Wanna Cry ransomware attack is an ongoing cyber attack of the WannaCry ransomware computer worm, targeting the Microsoft Windows operating system, encrypting data and demanding payment from the victim in the crypto currency bitcoin.

On 12 May 2017, WannaCry began affecting computers worldwide and has been described as unprecedented in scale, infecting more than 230,000 computers in over 150 countries. The worst-hit countries are reported to be Russia, Ukraine, India and Taiwan along with many others worldwide.

An Indian cyber security firm has claimed that it detected over 48,000 ransomware attack attempts within the country in total.

British cyber security researcher Marcus Hutchins managed to stop the spread of the first wave of the WannaCry infection by accidentally triggering a “kill switch” when he bought a web domain for less than £10.

When the WannaCry program infects a new computer it contacts the web address. It is programmed to terminate itself if it manages to get through. When the 22-year-old researcher bought the domain the ransomware could connect and was therefore stopped.

The minute Hutchins registered the domain; it stopped the malware’s ability to spread; a huge relief to security researchers, even if the infected systems still remained on lockdown. It gave people time to update and patch security vulnerabilities, especially in the US, where WannaCry was yet to effectively penetrate before the kill switch was found. Hutchins’ actions may have saved thousands of people from being the next line of victims by the malware.

What is WannaCry Ransomware?

A malicious software or malware called Wanna Decryptor or WannaCry, exploited a flaw in Microsoft’s software security in order to hijack the hard drives of 230,000 computers around the world, holding data on those computers hostage until a ransom of various amounts has been paid.

A malicious software or malware called Wanna Decryptor or WannaCry, is a specific ransomware program that locks all the data on a computer system and leaves the user with only two files: instructions on what to do next and the Wanna Decryptor program itself.

When the software is opened it tells computer users that their files have been encryted, and gives them a few days to pay up, warning that their files will otherwise be deleted. It demands payment in Bitcoin, gives instructions on how to buy it, and provides a Bitcoin address to send it to.

Bitcoin is a cryptocurrency and a digital payment system invented by an unknown programmer . The digital currency is popular among cybercriminals because it is decentralised, unregulated and practically impossible to trace.

It mainly affected the computer using Windows XP operating system. Soon after the attack Microsoft released security update for Windows XP, Vista, and Windows 8 Operating system.

How to protect yourself from WannaCry ransomware?

  • Microsoft has urged anyone who hasn’t already updated their system with the security update to do so immediately.
  • Never click on links you don’t recognise or download files from people you don’t know or trust.
  • Never open mails and attachments from unknown person or unrecognised source.
  • Individuals should also install any other software updates and switch on auto-updaters where possible.
  • Microsoft also recommends running its free anti-virus software for Windows.
  • Regularly back up your files by regularly saving copies in a completely separate system, such as an external hard drive.
  • Install an anti-virus software and check for regular security updates.

The Cyber security researchers are also hard at work, attempting to track down where WannaCry initiated from. The only way to stop people from being victimised by malware they aren’t familiar with is to catch the perpetrators and stop the infection at the source.



Anusha Shetty