On 12 May 2017 , WannaCry being Affecting computer worldwide. The initial infection might have been ether through a vulnerability in the network defenses or a very well-crafted spear phishing attack. When executed the malware first checks the "kill switch" domain name if it is not found. then the ransomware
encrypts the computer data, then attempt to exploit the SMB
vulnerability to spread out to random computer to on internet , and literally to computers on same network. As with other modern ransomeware, the payload displays a message informing the user that files have
encrypted, and demand on payment of around $300 in bitcoin within three days or $600 within One day.
The Windows vulnerability is not a zero-day flaw,but one for which Microsoft had made available a
security patch on 14 march 2017, nearly two months before the attack. The patch was to the Server massage block (SMB) protocol used by Windows. Organizations that lacked this security patch were affected for this reason , although there is so far no evidence that any were specifically targeted by the ransomeware developers. Initially any organization still running older version of Windows XP was at particularly high risk because a security patches had been released since April 2014 (with the exception of one emergency patch released in May 2014). However, after the outbreak,Microsoft released a security patch for Windows XP on 13 May 2017 , The day after the attack launched.
The Ransomeware campaign was unprecedented in scale according to Europe. The attack affected many Nation Health service hospitals in England and Scotland, and up to 70,000 devices - including computers,MRI scanners, Blood-stores refrigerators and theatre equipment- may have been affected. On 12 May,some NHS services had to turn away non-critical emergencies, and some ambulances were diverted. In 2016, thousand of computers in 42 separate NHS trusts in England were reported to be still running Windows XP. NHS hospitals in Wales and Norther were unaffected by attack.
The attack chiefly struck computers in Europe and Asia, Largely sparing North america. The wannaCry virus spreads among computers running on Microsoft Windows operating systems, infecting and then locking individual machines. Affected users receive an electronic message demanding a ransom to be paid in electronic currency called Bitcoin.
Electronic gain Hitachi (HTHIT) said the Japanese "
company's computer had difficulties sending and receiving emails and opening attached files", problems that corporate official said "
were believed to be related to the attach . However, the problem had not hurt Hitachi's business operation"
So be sure to avoid unknown link opens and web sited from your daily activities
Share this to your friends let them now how critical is this!
Comments
Post a Comment