71 Views

Global cyber-attack: Everything you need to know about ‘WannaCry’ ransomware

WannaCry broke out late Friday causing the most damage across several countries. It has since slowed down but we’ve definitely not heard the last of it.

There has been a ransomware outbreak which, according to the BBC, has infected 200,000 machines in 150 countries since Friday.

The malware called ‘Wanna Decryptor’ or ‘WannaCry’ — as it now fondly called — has caused some damage globally.

It caused Britain’s National Health Service (NHS) to cancel surgeries and crippled a wide array of private and public institutions in countries like Russia and China.

wannacry ransomeware
WannaCry Ransomware / Image via BGR

Security experts are calling this cyber-attack the “largest ransomware attack observed in history”.

Background

WannaCry broke out late Friday causing the most damage across several countries. It has since slowed down but we’ve definitely not heard the last of it. There are still chances of a second spike.

According to CNN, the malware was leaked last month by a group called the Shadow Brokers.


What exactly is a ransomware

A Ransomware is a type of malware. It restricts access to the computer system that it infects, and demands a ransom be paid to the creator(s) of the malware for the restriction to be removed.

Some forms of ransomware encrypt files on the system’s hard disk. Others may simply lock the system and display messages intended to persuade the user to pay.


How does WannaCry operate?

Ransomware like WannaCry first encrypts the files on your computer. That is, it hides the most or even all the files on your computer by means of a code.

Next, it requests for a particular amount — a ransom — to be paid in order for your files to be decrypted.

In this case, the malware asks the victim pays a ransom of $300 in bitcoins.

If the user doesn’t pay the ransom within three days, the amount doubles to $600.

After seven days without payment, WannaCry will delete all of the encrypted files and all data will be lost.

ransomware
Image credit: Wall Street Journal

What damages have been done so far?

According to the BBC, there were more than 200,000 victims in 150 countries on Sunday. However, that figure is likely to grow as people switch on their computers on Monday if their IT has not been updated and their security systems patched over the weekend.

In the UK, the National Health Service (NHS) was hit hard. The malware caused surgeries and appointments to be canceled.

Other high-profile victims include hospitals in Britain, the Spanish telecoms giant Telefonica, French carmaker Renault, US package delivery company FedEx, Russia’s interior ministry and the German rail operator Deutsche Bahn.

The attack also affected business in some private and public organizations in Russia and China.


Is the attack over?

No.

On Saturday, a 22-year-old security researcher named Marcus Hutchins inadvertently slowed the spread of the WannaCry virus when he registered a domain name hidden within the virus’ code in an attempt to track the spread of WannaCry, unintentionally stopping its progress in the process.

Unfortunately, the spread of WannaCry wasn’t actually stopped, but instead slowed.


Has there been any case in Nigeria?

As at the time of this report, we had not heard any case of this attack in Nigeria.

However, considering the rate at which the malware is spreading, and that Nigeria is a major user of Microsoft OS — the OS most prone to the attack, Nigeria is very vulnurable to the attacks.

The National Information Technology Development Agency (NITDA) has opened its helplines.

They can be reached via telephone on +2348023275039 or e-mail: support@cerrt.ng.


How can I protect myself from WannaCry?

While the malware is attacking mostly corporate organizations, there are a few precautions individuals can take to beef up their security.

Update your Operating System

Regardless of which operating system you run, you should install any and all available security updates immediately. You should immediately install this security update released on Friday by Microsoft.

Also set up automatic update. Here’s how to turn on automatic update

Backup all your files.

If you don’t already have a backup routine, start now: Regularly save copies of all your files. That way, if your machine gets infected and your photos and documents are encrypted, you don’t need to worry about losing them.

Finally, always stay alert. Don’t click on links that you don’t recognize, nor download files from people you don’t know personally.


What if my computer is already infected?

Dr. Isa Ali Ibrahim Pantami, the Director-general/CEO, National Information Technology Development Agency, (NITDA), advised that if your system is infected by ransomware you should take the following steps:

  1. Isolate the system from your network to prevent the threat from further spreading.
  2. Do not use flash/pen drive, external drives on the System to copy files to other systems
  3. Format the System completely and get fresh OS copy installed
  4. Contact NITDA for further assistance: +2348023275039 or  support@cerrt.ng.

 

Have you experienced the cyber-attack? Email contact@ekometro.com with your stories.

Please include a contact number if you are willing to speak to an EkoMetro journalist. You can also contact us in the following ways:

Or use the form below

If you are happy to be contacted by an EkoMetro journalist please leave a telephone number that we can contact you on. In some cases a selection of your comments will be published, displaying your name as you provide it and location unless you state otherwise. Your contact details will never be published.

Like
Like Love Haha Wow Sad Angry
1
  • Trust Adekoye

    Hmm…