K. Male'
|
15 May 2017 | Mon 13:44
Experts say "WannaCry" is likely to modify and continue its spread in a different form.
Experts say "WannaCry" is likely to modify and continue its spread in a different form.
Google
Worldwide Ransom-ware Attacks
Worldwide Ransom-ware Attacks: How can I protect my computer ?
Computers in more than 150 countries have been hit
Victims were asked for payment of MVR 4602
if none is received within seven days, the files will be deleted, according to the screen message.
Microsoft advice to update operating system

Computers in more than 150 countries have been hit by what experts are calling an unprecedented mass cyberattack using ransomware.

Experts were scrambling to determine who was behind the attack, which exploited a security flaw in older versions of Microsoft's Windows operating software.

Here is what we know so far about the cyber ransom attacks:

What happened?

Computers around the globe were hacked beginning Friday using a security flaw in Microsoft's Windows XP operating system, an older version that was no longer given mainstream tech support by the US giant.

The so-called WannaCry ransomware locks access to user files and demands money -- in the form of the virtual currency Bitcoin -- in order to decrypt them.

How many countries were affected?

Europol chief Rob Wainwright said more than 200,000 victims had been hit in more than 150 countries.

It is the largest ransomware attack observed in history.

High-profile victims include hospitals in Britain, the Spanish telecoms giant Telefonica, French carmaker Renault, US package delivery company FedEx, Russia's interior ministry and the German rail operator Deutsche Bahn.

How did the attack spread worldwide?

Experts said the ransomware programme appears to support dozens of languages, showing that the hackers wanted to corrupt networks worldwide.

The virus spread quickly because the culprits used a digital code believed to have been developed by the US National Security Agency -- and subsequently leaked as part of a document dump, according to researchers at the Moscow-based computer security firm Kaspersky Lab.

The attack is unique, according to Wainwright, because it combines ransomware with a worm function, meaning once one machine is infected, the entire internal network is scanned and other vulnerable machines are infected.

The US security firm Symantec said the attack appeared to be indiscriminate.

Who was behind the attack?

So far, the culprits are unknown, as is the motivation. Security agencies in affected countries were racing to find out.

Experts think it unlikely to have been one person, with criminally minded cyber crime syndicates nowadays going underground and using ever more sophisticated encryption to hide their activities.

How much ransom was asked?

Victims were asked for payment of $300 (MVR 4602.00) in the virtual currency Bitcoin.

Payment is demanded within three days or the price is doubled, and if none is received within seven days, the files will be deleted, according to the screen message.

Given the attack's widespread nature, even such a small sum would stack up quickly, though few victims seem to be paying up so far.

Experts advise people not to pay, as it would only encourage the attackers, there is no guarantee that they will unblock files, and may result in them gaining access to victims' bank details.

How can I protect my computer?

The WannaCry virus infects only machines running Windows operating systems. If you do not update Windows, and do not take care when opening and reading emails, then you could be at risk.

However, home users are generally believed to be at low risk to this particular strain.

You can protect yourself by running updates, using firewalls and anti-virus software and by being wary when reading emailed messages.

Regularly back up your data so you can restore files without having to pay up should you be infected, as there is no guarantee that paying the ransom will result in your files being unlocked.

The UK's National Cyber Security Centre website contains advice on how to apply the patch to stop the ransomware - MS17-010 - and what to do if you can't.

- comment