#

WannaCry Ransomware Solved?

“WannaCry” Attacks Systems Worldwide!

In the last 48 hours, ransomware known as WannaCry or WannaCrypt has been attacking computers worldwide. About hundred countries reported infections by this virus and still no resolution in hands.

According to Kaspersky Lab at 1 pm yesterday, there are more than 45,000 infected devices from 74 countries and the number is in rise. The most infected countries are Russia, Taiwan, and Spain. And the most infected organization was the National Health System (NHS) in England and Scotland.

This issue lead around 40 NHS organization to cancel operations and appointments of patients. Regarding Russia, the virus hit domestic banks, the interior and health ministries. Moreover, the virus hit Russian railway along with a large mobile phone network. But interior minister said that 1000 computer were reported as damaged but the problem was dealt with and no sensitive was data damaged.

Among the Spanish infected firms comes Telefonica, the Spanish telecom giant. The power firm Iberdrola and utility provider Gas Natural are also victims. Staff working for the firms were told to shut down computers. According to Gizmodo, SwiftOnSecurity ordered its US partners to shut down their Windows-based systems after FedEx detected infections.

How does WannaCrypt work?

News websites reported that this ransomware is different from all other viruses. In previous conditions, the attacker tricks the user to download a file in order to attack the computer. But WannaCrypt works completely in other ways. The virus takes the shape of a worm which is a program that spreads itself between computers. When spread between computers, the ransomware locks up the devices and demands to pay money for unlocking. The money demanded is in bitcoin – virtual currency.

How to Solve this Problem?

If your computer is infected by ransomware, Gizmodo updated their page to post a proposed solution. This solution is to go to Microsoft Security Tech Center. This allows you to update versions and avoid any vulnerabilities. Gizmodo also posted this link for high priority updates.

On the other hand, TechCrunch carries good news about a 22 years old British boy solving the issue by coincident. For more technical information you can visit their link and read the article. But to make it short, the British researcher under the name of MalwareTechBlog, managed to cease much of the spread by registering a domain name in the ransomware code. This domain name acted as a “kill switch.” Microsoft developed a patch for the vulnerability earlier this spring, after it was released by a hacker group online. But many computer systems aren’t prepared for automatic updates. Moreover, older systems may not even be supported anymore.

How To Stay On The Safe Side?

The Street” reported that The Cyber Threat Alliance offers these guidelines to protect against the ransomware:

  • Make sure your operating systems, applications, and firmware are updated to the latest versions of the software.
  • Understand typical phishing techniques and how to block them, like for example by not opening email from unknown email addresses or attachments of certain file types.
  • Keep your web browsers updated, and turn on settings to disable browser plugins – examples: Java, Flash, and Silverlight – to prevent them from running automatically.
  • Review access and security policies within corporate networks to limit access to critical infrastructure from systems and users who don’t need it.

Note that we will update this article if more news is available.

SciVenue