On Friday, May 12, the world was hit with a massive cyber-attack with over 200,000 computers across 150 countries affected.
Experts described it as the world’s “greatest cyber-attack”.
How the WannaCry virus works
The hackers use tools stolen from the US National Security Agency (NSA) and released on the internet.
An illustration showed that once you receive an infected file typically attached to an email or a URL, an encryption key locks all your data.
When you try to open a file, a message appears, demanding a ransom. In a matter of minutes, your files are our of reach.
If you don’t pay, your encrypted files are lost. Once you pay by sending the money to an anonymous recipient hiding in the ‘Darknet’, you get the key to use unlock your files in an hour or so.
Payment in crypto-currency bitcoin helps hackers cover their tracks.
The scale of the cyber-attack
Europol said over the weekend that although ransomware is not new, the size of the current attack is “unprecedented”.
It also expressed fear that figure of affected computers and countries is likely to grow with time especially “as people use their computers if their IT has not been updated and their security systems patched over the weekend.”
In the wake of the attack, Microsoft said it had taken the “highly unusual step” of releasing a patch for computers running older operating systems including Windows XP, Windows 8 and Windows Server 2003.
But then, the patches won’t do any good for machines that have already been hit.
The Impact of the attack
Since the beginning of the attack, WannaCry has already caused massive disruption around the globe.
Reports have it that sixteen National Health Service (NHS) organizations in the UK have been reportedly hit with some of the hospitals cancelling outpatient appointments.
In China, the internet security company Qihoo360 issued a “red alert” saying that a large number of colleges and students in the country had been affected by the ransomware.
Major global companies said they came under attack as well.
Fedex said Friday it was “experiencing interference with some of our windows-based systems caused by malware.”
Similarly, two big telecom companies, Telefónica (TEF) of Spain and Megafon of Russia, were also hit, as was Japanese carmaker Nissan (NSANF) in the U.K.
How did the attack spread so fast?
Unlike many other malicious programmes, WannaCry has the ability to move around a network by itself. Most similar viruses rely on humans to spread by tricking them into clicking on an attachment harbouring the attack code.
Once WannaCry has penetrated an organisation, it will hunt down vulnerable machines and infect them as well. This is probably why its impact is so public – because large numbers of machines at each victim organisation are being compromised.
How to protect your computer from the virus
The Nigerian Communications Commission (NCC) on Tuesday issued protective measures that would help forestall damages incurred from the attack
The commission had advised that computer users should among other things, “obtain software patch released by Microsoft in March 2017 to fix the virus as well as plan scheduled penetration tests on the networks and systems to ensure protection and availability at all times.
Who is behind the attack?
Security agencies have so far not been able to identify who was behind the attack.
Europol said it does not know the motive behind it. It says ransomware attacks were “normally criminal rather than political in nature… Remarkably few payments had so far been made in response to this attack.”
Wellsmore and other cybersecurity experts said the identity of the perpetrators is still unknown.
“We don’t expect this to be a sophisticated group,” said Wellsmore. “We expect this is a small operation that is undertaking this. They just happen to hit the motherlode. Unfortunately for the rest of us, this thing went quite global quite quickly.”
Follow us on twitter @thecableng