
WannaCry ransomware attack


This is an ongoing cyber-attack of the WannaCry ransomware computer worm targeting the Microsoft Windows operating system.

The attack started on Friday, 12 May 2017, infecting more than 230,000 computers in 150 countries, with the software demanding ransom payments in the cryptocurrency Bitcoin in 28 languages. The attack has been described by Europol as unprecedented in scale.

Basically, what happens is that a user's data is locked, encrypted or even stolen and held for ransom. The attacker then asks for payment in various forms, mostly in bitcoins (it's hard to get the money back), and once paid they give you the decryption key or send back your data. (Not 100% guaranteed.)

Over a million internet-connected devices have been discovered that expose SMB on port 445. Of those, more than 800,000 run Windows; given that these are nodes running on the internet exposing SMB, it is likely that a large percentage of these are vulnerable versions of Windows with SMBv1 still enabled.

"While scanning for devices that expose port 445 has been observed for quite some time, the volume of scans on port 445 has increased since 2017-05-12 (Friday), and a majority of those scans are specifically looking to exploit MS17-010, the SMB vulnerability that the WannaCry[pt] malware looks to exploit," Rapid7 reports.
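Seen from inside a network, the same port-445 scanning appears in firewall or flow logs as one source contacting many distinct hosts on 445 in a short time. The following is an added example, not part of the original post, that flags such sources; the log format (`timestamp src dst dport action`), the addresses and the thresholds are assumptions constructed for illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample log, one connection per line: timestamp src dst dport action
SAMPLE_LOG = "\n".join(
    # one host sweeping six neighbours on 445 within six seconds
    [f"2017-05-12T09:00:{i:02d} 10.0.0.77 10.0.0.{i} 445 DENY" for i in range(1, 7)]
    # five different file servers, but one per hour: normal usage
    + [f"2017-05-12T{9 + i:02d}:30:00 10.0.0.30 10.0.1.{i} 445 ALLOW" for i in range(5)]
    # many connections to a single file server
    + [f"2017-05-12T09:01:{i:02d} 10.0.0.15 10.0.0.20 445 ALLOW" for i in range(8)]
    # many destinations, but on 443 rather than SMB
    + [f"2017-05-12T09:02:{i:02d} 10.0.0.15 10.0.2.{i} 443 ALLOW" for i in range(8)]
    + ["garbled line"]
)


def find_smb_scanners(log_text, window=timedelta(seconds=60), threshold=5):
    """Return {src: peak distinct destinations} for sources that contacted
    at least `threshold` distinct hosts on TCP 445 within `window`."""
    events = defaultdict(list)
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 5 or parts[3] != "445":
            continue  # malformed line or not SMB
        try:
            ts = datetime.fromisoformat(parts[0])
        except ValueError:
            continue  # unparseable timestamp
        events[parts[1]].append((ts, parts[2]))

    flagged = {}
    for src, hits in events.items():
        hits.sort()
        start = 0
        for end in range(len(hits)):
            # slide the window start forward until it spans at most `window`
            while hits[end][0] - hits[start][0] > window:
                start += 1
            distinct = len({dst for _, dst in hits[start:end + 1]})
            if distinct >= threshold:
                flagged[src] = max(flagged.get(src, 0), distinct)
    return flagged


if __name__ == "__main__":
    for src, count in find_smb_scanners(SAMPLE_LOG).items():
        print(f"{src} contacted {count} distinct hosts on 445 within 60s")
```

A flagged source is a candidate for isolation and investigation; tune the window and threshold against what legitimate file-sharing traffic looks like in your own logs.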

These attacks have affected many large companies, including FedEx, Britain's National Health Service and LATAM Airlines. Russia was among the worst hit by this attack, but analysts say the hackers may not be Russians, as the country has a very strict policy and one may face a very long jail term if guilty.

Targeted machines are used to mine for the Monero cryptocurrency. Monero is an alternative to Bitcoin recently adopted by the AlphaBay darknet market to trade in drugs, stolen credit cards, and counterfeit goods.

Previously, the attackers would infect the victim's machine with malware that gave them the ability to take over or use the machine's resources for cryptocurrency mining. This consequently made the user's machine slow.

"Once infected through use of the EternalBlue exploit, the cryptocurrency miner Adylkuzz is installed and used to generate cybercash for the attackers," said Robert Holmes, vice president of products at Proofpoint.

Handling the attacks


What happens if you are already under attack? Is there a solution? Can I get my data back?

All these are questions that run through the victim's mind when a ransom demand has been made. Speaking as an expert, recovering the data is a 50/50 situation.

First, do not pay the attacker under any condition. Secondly, do not try to retrieve the data yourself; you may end up messing everything up.

Thirdly, take the attacked machine offline. This prevents further damage.

Lastly, contact a cyber-security expert (definitely not your ISP or computer repair technician).

This is because they are able to reverse the ransom and even track the hacker.
This process will definitely be expensive, but if the data is sensitive (servers and the like) you basically have no option.

Prevention


The first goes to all system administrators: for the love of Moses, patch and update your servers, whichever operating system they run. Hackers take advantage of these loopholes in your servers to gain access. Remember also to close open ports that you don't use. For more, contact me…

Secondly, dear users, what's up with clicking links and opening suspicious attachments? If you get attachments that you did not expect, contact your system administrator (these people are employed to handle that, not to diagnose your personal cell phone).

Thirdly, let's update our antivirus as well as renew expired ones. It might seem lame, but it goes a long way. Don't disable it either. Let it run in the background; trust me, it does a lot that you do not see.

In a nutshell, prevention is better than cure. In Kenya we are not vastly affected, but that does not mean we are safe. Let's keep our eyes open and servers guarded.

