The WannaCry ransomware attack (or WannaCrypt, WanaCrypt0r 2.0, Wanna Decryptor) is an ongoing cyber-attack.
WannaCry ransomware locks access to user files and appear an on-screen message demanding a payment of $300 in Bitcoin virtual currency/cryptocurrency in 28 languages to decrypt the files. Massive attack started on Friday, 12 May 2017. It was reported that more than 2,00,000 people have been affected across 150 countries.
It is important to notice that, unlike most previous ransomware which rely on a user to open an infected file or click on a link, WannaCry spreads itself automatically. The attack spreads by multiple methods, including phishing emails and on unpatched systems as a computer worm. According to Europol, the attack is unique, as it combines ransomware with a worm function.
Shortly after the attack began a researcher found an effective kill switch, which prevented many new infections, and allowed time to patch systems. This helped greatly to slow the spread. Though it was later reported that new versions that lack the kill switch were detected. Further, the attack has been described by Europol as unprecedented in scale.
WannaCry ransomware targeted the Microsoft Windows operating system mainly. The IT tech giant released patches to fix the ransomware vulnerability, but it was informed those patches do not work on unlicensed and outdated systems. Meanwhile, Brad Smith, Microsoft’s general counsel, in a strongly worded blog post on Sunday, hit out at the US government’s “stockpiling” of cyber weapons for facilitating attacks such as the WannaCry ransomware. “The governments of the world should treat this attack as a wake-up call,” wrote Smith.
USA stated that the extent of the attack was tamed. Unfortunately other countries like UK, China and India are still assessing the threats. It was reported that at least 45,000 computer systems in India have fallen by the WannaCry ransomware.
Security researchers say they have found evidence that suggests a state-sponsored hacking group in North Korea may be behind last week's global WannaCry ransomware hack, reported CNET.
The European Cybercrime Centre, EC3, at Europol is working closely with affected countries cybercrime units and key industry partners to mitigate the threat and assist victims. Europol has launched https://www.nomoreransom.org/ for further information on Ransomware, how to protect your data, devices, what to do when infected with ransomware and access to unlocking tools please visit. It is a free online resource developed by Europol, Dutch Police and industry partners.
So far there are no WannaCry incidents reported in Sri Lanka. Albeit, general public is informed on the possible danger.