Skip to main content

WannaCry ransomware attack


This is an ongoing cyber-attack of the WannaCry ransomware computer worm targeting the Microsoft Windows operating system.

 The attack started on Friday, 12 May 2017, infecting more than 230,000 computers in 150 countries, with the software demanding ransom payments in the cryptocurrencyBitcoin in 28 languages. The attack has been described by Europol as unprecedented in scale.

Basically what happens is that a user data is locked, encrypted or even stolen and held at ransoms. The attacker then asks for pay in various forms mostly in bitcoins (it’s hard to retract the money back) and once paid they give you the decrying key or send back your data. (Not 100% guaranteed)

It’s discovered over a million internet-connected devices that expose SMB on port 445. Of those, more than 800,000 run Windows, given that these are nodes running on the internet exposing SMB – it is likely that a large percentage of these are vulnerable versions of Windows with SMBv1 still enabled.

While scanning for devices that expose port 445 has been observed for quite some time, the volume of scans on port 445 has increased since 2017-05-12 (Friday), and a majority of those scans are specifically looking to exploit MS17-010, the SMB vulnerability that the WannaCry[pt] malware looks to exploit," Rapid7 reports.

These attacks has affected many of the large companies including FedEX, Britain Natinal health service, Latam airlines. Russia was among the worst hit by this attack, but analysts say the hackers may not be Russians as the county has very strict policy and one may face a very long jail term if gulity.

Targeted machines are used to mine for the Monero cryptocurrency. Monero is an alternative to Bitcoin recently adopted by the AlphaBay darknet market to trade in drugs, stolen credit cards, and counterfeit goods.

Previously the attackers would infect the victim’s machine with the malware that would give them the ability to take over or use the victim’s machine resources in crypocurrency mining. This consequently made users machine slow.

"Once infected through use of the EternalBlue exploit, the cryptocurrency miner Adylkuzz is installed and used to generate cybercash for the attackers," said Robert Holmes, vice president of products at Proofpoint.

 Handling the attacks


What happens if you are already under attack? These is a solution? Can I get my data back?

All these are questions that run on the victims mind when a ransom has been placed.  As an expert the reverse process of obtaining the data is a 50/50 situation.

First do not pay the attacker under any given condition. Secondly do not try and retrieve the data yourself you may end up messing everything.

Secondly make offline the attacked machine. These prevents further damage.

Lastly contact a cyber-security expert. (Definitely not your ISP, computer repair technician).

 This is due to the fact that they are able to reverse the ransom and even track the hacker.
This process will definitely be expensive but if the data is sensitive (servers and the likes) you basically have no option.

Prevention


First goes to all system administrators: for the love of Moses patch and update your server’s whichever operating system. Hackers take advantage of these loop holes in your server to gain access. Remember also to close open ports that you don’t use. For more contact me…..

Secondly, dear users what’s up with clicking links and opening suspicious attachments? If you get attachments that you did not expert contact your system administrator  (these people are employed to handle that not diagnose your personal cell phone)

Thirdly lets update our antivirus as well as renew expired once. It might seem lame but it goes along way. Don’t disable it as well. Let it run in the background, trust me it does a lot that you do not see.

In an art shell prevention is better than cure. In Kenya we are not vastly affected but that does not mean we are safe. Let’s keep our eyes open and servers guarded.


Comments

Post a Comment

Popular posts from this blog

Revolutionizing Agriculture: Precision Farming with Drones and Sensors

  Drones in Agricuture In the rapidly evolving world of agriculture, precision farming stands out as a groundbreaking approach that harnesses the power of technology to enhance productivity, sustainability, and efficiency. Among the most transformative tools in this field are drones and sensors, which are redefining traditional farming practices. This article delves into how these technologies are being integrated into modern agriculture, the benefits they offer, and the future they promise. The Rise of Precision Farming Precision farming, also known as precision agriculture, involves the use of technology to manage crops and soil in a more precise and controlled manner. The goal is to optimize field-level management regarding crop farming. Unlike conventional methods that rely on broad-spectrum approaches, precision farming tailors practices to the specific needs of different areas within a field. Drones: Eyes in the Sky Drones, or unmanned aerial vehicles (UAVs), have become an i...
Post a Comment
Read more

The Impact of 5G Technology on Businesses and Consumers: Benefits and Challenges

The advent of 5G technology has ushered in a new era of connectivity, promising faster speeds, lower latency, and more reliable networks. This revolutionary technology is set to impact not only how we communicate and consume content but also how businesses operate and innovate. In this blog post, we will delve into the far-reaching implications of 5G on both businesses and consumers, exploring the benefits it brings and the challenges it poses. Benefits for Businesses: Enhanced Mobile Workforce: 5G enables faster and more stable connections, making remote work and collaboration seamless. Businesses can have a highly productive mobile workforce, leading to increased efficiency. IoT Advancements: The Internet of Things (IoT) will thrive with 5G, as it can support a massive number of connected devices. Industries like manufacturing, healthcare, and logistics will benefit from real-time data analytics and automation. Improved Customer Experience: Faster download and streaming speeds mean b...
Post a Comment
Read more

The future of Artificial Intelligence: trends, challenges, and opportunities

  The future of Artificial Intelligence (AI) is an exciting topic, with many trends, challenges, and opportunities to explore. AI is rapidly advancing and changing the world we live in, from business and healthcare to entertainment and social media. In this blog post, we will dive into some of the latest trends in AI, examine the challenges that come with AI, and explore the opportunities that AI presents. Trends in AI: One of the biggest trends in AI is the development of deep learning algorithms. These algorithms use neural networks to learn from vast amounts of data, making it possible for machines to recognize patterns and make predictions with high accuracy. Another trend is the integration of AI with other technologies, such as the Internet of Things (IoT), which is creating a world where machines are connected and can communicate with each other in real-time. Challenges in AI: One of the biggest challenges in AI is the ethical and moral implications of using AI. As AI become...
Post a Comment
Read more