The WannaCry ransomware first struck on May 12, with over 200,000 computers in over 150 countries got affected, CERT-In is holding a webcast on preventing WannaCry.
What Is WannaCry, Who Is Affected, and Everything Else You Need to Know About It
It is good that that you've already heard something about the WannaCry ransomware till now and there's a good chance, and are wondering what's going on, and whether your computer sysyem is prone to virus attack. In an advisory, CERT-In India has issued a red alert about WannaCry, or WannaCrypt.
But what is WannaCry ransomware? Does it act like a virus? Here's everything that you need to know about the cyber-attacks, in one simple list.
1. WannaCry is a ransomware program that is targeting Microsoft's Windows OS. Ransomware is a kind of cyber-attack where hackers can took over your PC, and can demand you to make a payment to keep using it or accessing your data. If you don't, they can even delete everything.
2. A large-scale cyber-attack was launched on May 12, affecting computers in 150 countries, and in less than a day, researchers observed 57,000 infections.
3. The hackers demanded bucks from $300 to $600 (approximately Rs.19,000 and Rs.38,000) in the form of Bitcoins. The International shipper FedEx, British NHS, Telefonica the telecommunications company and many others were among the targets.
4. In India, computers at Andhra Pradesh's police departments were hacked. Systems in 18 police units in Krishna, Chittoor, Visakhapatnam, Guntur and Srikakulam cities were affected.
5. R Jaya Lakshmi, Superintendent of Police, Tirupati Urban, said the 'ransomware' encrypted data in some police stations, adding that they were not able to access data and hackers were demanding ransom in Bitcoins to restore access.
6. India's digital security agency, CERT-In has issued a red alert, and advised users and organizations to apply patches to Windows. It added that WannaCry was targeting common file extensions such as PPT, DOC, and TIFF, along with media files such as MP4 and MKV files, and on Monday at 11am is holding a webcast on preventing the WannaCry ransomware threat.
7. According to a report, enterprises in Mumbai, Hyderabad, Bengaluru, and Chennai have been affected. The report noted for two South Indian banks are affected, and possibly also Renault in Chennai.
8. The IT ministry has also reached out to agencies such as the RBI, the NPCI, and UIDAI, to warn them about the risks associated with WannaCry, and help to secure their systems, in order to make sure that digital payments in India are not affected, reported PTI.
9. The ministry has also reached out to ISPs, to alerting them to secure their networks, and it has also reached out to Microsoft India to inform all its partners and customers to apply the relevant patches. "The impact has been somewhat contained in India because of the weekend. However, one will have to watch the situation as people return to work tomorrow and access their computers," Kaspersky Lab Head for South Asia Region Altaf Halde told PTI.
10. Xinhua, the China's official news agency stated, secondary schools and universities were hit, but could not be said how many or recognize them. William Saito, cyber security adviser to the Japanese cabinet and trade ministry, said some of the country's institutions were affected but declined to elaborate. According to Semuel Pangerapan, a director general at Indonesia's Communication and Information Ministry said that Jakarta’s two hospitals were hit, South Korea's Yonhap news agency said one of Seoul's university hospitals had been affected.
11. The hackers likely made WannaCry using a piece of NSA code released last month by a hacking group known as the Shadow Brokers, according to security researchers. The Shadow Brokers released Eternal Blue as part of a trove of hacking tools that they said belonged to the US spy agency.
12. The attack has crippled more than 200,000 computers, and struck banks, hospitals, and government agencies. All this took place over the weekend - the number of affected users is expected to grow now that the work week has begun, and people start logging into their devices.
13. Microsoft's president and chief legal officer, Brad Smith said in a blog post on Sunday, that it was in fact the NSA that developed the code being used in the attack. He warned governments against stockpiling such vulnerabilities and said instead they should report them to manufacturers - not sell, store or exploit them, lest they fall into the wrong hands.
14. Infected computers appear to largely be out-of-date devices that organizations deemed not worth the price of upgrading or, in some cases, machines involved in manufacturing or hospital functions that proved too difficult to patch without possibly disrupting crucial operations, security experts said.
15. Microsoft released patches last month and on Friday to fix a vulnerability that allowed the worm to spread across networks, a rare and powerful feature that caused infections to surge on May 12.
Also Read:Latest trends in Cybersecurity