The recent news in the wild about the #WannaCry ransomware has been doing its round on both the news and the social media. Thought of doing a quick post more about ransomware.
Definition (from Wikipedia)
Ransomware is a type of malicious software that carries out the cryptoviral extortion attack from cryptoviral that blocks access to data until a ransom is paid and displays a message requesting payment to unlock it. Simple ransomware may lock the system in a way which is not difficult for a knowledgeable person to reverse.
Advanced malware like the #wannacry, encrypts the victim's files, making them inaccessible. It then demands a ransom payment to decrypt them. The ransomware may also encrypt the computer's Master File Table or the entire hard drive. Thus, ransomware is a denial-of-access attack that prevents computer users from accessing files since it is intractable to reverse the files without the security code (known as the decryption key). Ransomware attacks are typically carried out on corporate networks more than individual users, this ensures more targets with minimal efforts.
Your computer is more at risk if you are using legacy Windows operating systems like - Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows 8.1, Windows Server 2012, Windows 10, Windows Server 2012 R2, Windows Server 2016.
If you are using any of the above-operating systems, get yourself the latest Windows 10 version. In the meantime, Microsoft has also released security patches on these legacy systems. Download and install them from here
Risks of ransomware
- loose access to all files
- remote access to all your data to the hackers
- digital identity theft
- access to your banking data
- Do backup your data regularly on an external hard-drives
- Disconnect from the internet before taking the backup
- update windows regularly
- use latest and updated anti-virus
- avoid banking transactions for now
- avoid using ATMs at the moment
- Do not open emails from unknown senders, no matter how interesting the subject line is
- Do not click on links to access your banking website. These can be potentially a phishing website which can capture your username and password
- Do not download suspicious looking files with file types as .xlsx .docx .pptx and .vbs etc
- Do not install any software from untrusted websites
For more information on #Wannacry ransomware visit the Times of India website.