What Is the WannaCry Ransomware Attack?
The proliferation of ransomware recently has become the source of distress for many in the last several years with a substantial increase in occurrences in the last several months. This includes files and data from a personal computer, network or even smart phone being held for ransom in encrypted format by miscreants of the internet. One of the largest, the WannaCry was recently thwated by a 22 year old surfer who identified an ingenious way to shut down an attack.
First, the perpetrators will use a phishing email to get into your computer or network. Note, in the 2016 it is reported that 40% of all such spam contained ransomware. When the email is opened the perpetrators will grab your files and will encrypt them. When you attempt to access these files they will appear as undecipherable gibberish. It is estimated by Sonicwall that there were over 600 million of these such attacks in 2016. The FBI indicates that in 2015 the total amount of payments made in ransomware cases was $24 million. In 2016 that number increased to over $1 billion. The number and frequency of such attacks has become pandemic and now perpetrators have escalated the game to a more insidious level. In particular, they are threatening to not only hold data for ransom but also to destroy or “shred” the data unless ransoms are paid. This can be particularly devastating in cases where the ransomware attack is directed against a hospital and patient files are lost, for law enforcement agencies where files and video evidence is destroyed and in many other situations. Ransoms are often paid to malefactors and in some cases, the FBI has actually conveyed to hospitals that they pay the ransom to reassume control of their data as they have failed to track the perpetrators. Ransom payments are maid in bitcoin which is far more difficult to trace. Victims are forced to either resolve themselves to the loss of data or pay the ransoms.
In the case of the WannaCry attack, it had rapidly spread to over 150 countries with demands for several hundred dollar payments to each victim. It was thwarted when it was sourced back to an unregistered domain and this was in turn shut off.
The best lesson is to diligently keep track of and discard spam and do not open emails you do not recognize. Otherwise, you could learn a costly lesson if you want to preserve your data.