The Biggest ever cyber attack was reported on 12th May 2017. It was an attack of Ransomware called WannaCry. Within couple of days WannaCry had infected 230,000 computers running on Microsoft Windows operating System over 150 countries. Big Organizations like NHS(National Health Service, England) along with Some Institutions of China, USA, Russia and the most of Europe brutally affected by this. A vulnerability in Microsoft windows called EternalBlue was discovered by NSA(National Security Agency, USA) in the earlier months of 2017. When this information leaked from NSA, Hackers spread and executed their Ransomware in server as well as Individual system by this EternalBlue exploit. Later this vulnerability was patched by Microsoft as soon as it happened.
According to Microsoft organization, still if you are using older version of Windows OS which is no longer supported by Microsoft or if you have not updated your system so far then your system is vulnerable to WannaCry ransomware.
What is Ransomware?
Ransomware is a Malware(Malicious Software) which when infects your computer, it encrypts all your data files and restrict the access to those files. Then the program puts up a screen and threatens to delete your files if you will not pay them their demanded money within a allotted time periods. It shows that if you will pay them their demanded ransom money then they will send you a key by which you can decrypt or unlock all your files.
By the attack of Ransomware, all your files with extensions like .doc, .pdf, .JPEG, .ZIP, .txt etc will be encrypted and will become a nonexecutable Ransomware files with extension like .ecc, .xyz,.abc, .encrypted, .crypto, _crypt, .crinf, .r5a, .XRNT, .XTBL, .crypt, .pzdc, .RDM, .RRK, .encryptedRSA etc. You can’t open files with these extension anymore.
Ransomware uses RSA security protocol to encrypt your files. This is a very strong and unbreakable security protocol used by banking and other financial institution to secure your operations. So it’s almost impossible to decrypt a ransomware infected file by any antivirus, or a scanner program. Though Cypersecurity Researchers claim to have methods to fix Ransomware infections, but it’s not proved yet. As it has no cure or fix once it is infected, all we can do is try our best to prevent the infection or attack of Ransomware.
How does it get in to your Computer?
Like other malicious software, Ransomware also come in to your system through Internet. Hackers attach the Malware in your email or they attach it with other downloadable files present in internet. When you click to download such files, the file gets downloaded to your computer hard disk and the ransomware automatically get installed, no need to execute that manually. And then this software executes and encrypts all your files without your knowledge about its presence.
How much Money does a Ransomware demand?
The ransom amount varies. Some ransomware demands $100 where some attacks demands more than $50,000. In many cases they accept their worth amount as Bitcoins.
Bitcoin: Like Dollar is the currency of America and Rupee is the currency of India, Bitcoin is a currency of Internet. It’s a digital currency that is not tied to a Bank or Government, One has to by Bitcoins by paying the currency of his country and then the user can send it directly to anonymous without any intermediaries, without any records. Recent value of one Bitcoin is $1,734.65 which is around INR 1,12,000/- at this time.
FBI and other cyber cells always recommend victims not to pay the ransom as it will encourage the attackers to do it again for a heavy income, but study says 70% of Businessman victims paid hackers to get their data back. And overall 34% of victims paid the ransom.
Do you really get your data back after paying the ransom?
There is no guarantee that after paying the ransom money you would get a decryption key or any recovery tools from the hackers to get your data back. It’s you who is sensitive towards your data but not the hackers. Money is the only point of concentration for them. Study says only 47% of victims who paid ransom to the hackers actually could recover their Data. So if your Data is way much important for you and you want to pay hackers to get it back, then you must get confirmed that they are going to help you after getting their demanded money from you.
How can you prevent the ransomware attack?
Prevention is the best Safeguard in any cases. In the matter of ransomware it’s nearly impossible that you can recover your data completely without paying the hackers by using any tools. So it’s good to be aware and prevent the attack.
1.Use updated Software: Always update your OS as well as the other softwares you are using. Outdated Programs are more vulnerable to attacks. Never use patched software, always try to get genuine one.
2.Do not download attached file in a Email from unknown source: Avoid to open the Emails which offers you attractive things or money. Don’t download the attached file in the Email when you don’t know what is attached in it.
3.Use a robust Antivirus program: Antivirus protects your system from the malicious programs. Always use a robust antivirus to find out the presence of harmful programs in your computer and disable or delete it.
4.Check before you click on a download link on internet: Hackers also attach their ransomware with any downloadable file on internet. So check properly whether you are downloading the right file or not. If you discovered unknown process on your computer, disconnect it immediately from internet.
5.Back-up your Important Data: Even though you are attacked by ransomware you there won’t be anything to worry about if all your important data are backed-up. So keep backing-up your data periodically. You may save the back up in any external drives or in a cloud like DropBox/ Google Drive/OneDrive etc.
This is all about What is ransomware, how does it work and how to prevent your computer from the attack of ransomware..
Thank you for visiting this page. Hope this article was informative for you.We are waiting for your valuable comments.