AMU Cyber & AI Editor's Pick Original

WannaCry: The Threat May Be Mostly Gone, but the Danger Lives On

Get started on your cybersecurity degree at American Military University.

By Marissa Bergen
Contributor, InCyberDefense

When it comes to cybercrime, it seems as if hackers who want to invade our privacy will stop at nothing. Although ransomware is given cute names, the attacks are anything but cute.

One form of ransomware that has wreaked havoc on computer systems is WannaCry. This cyberattack paralyzed a number of National Health Service hospitals in the U.K. last year. WannaCry also attacked other high-profile systems and victimized at least 75,000 people in 100 countries.

What Exactly Is WannaCry and Why Is It So Dangerous?

The WannaCry epidemic started in May 2017. In just a few months, it spread through a number of computer systems, infecting Windows operating systems and encrypting files on PC hard drives. Users found it impossible to access their data.

WannaCry has multiple components. It infiltrates a computer in the form of a “dropper,” which is a self-contained malware program that extracts the other application components embedded within it. These components include:

  • An application that encrypts and decrypts data
  • Files containing encryption keys
  • A type of Tor, a free software that enables anonymous communication

The dropper program works by trying to access a hard-coded URL. If it is not successful, it searches for and encrypts files in a variety of important formats that can include Microsoft Office software files, MP3 files and MKV files, rendering them inaccessible to the user. WannaCry then displays a ransom note demanding $300 in Bitcoin in return for the decryption of the files.

Once your system is infected, there is little you can do, other than restore your files from a safe backup or pay the ransom.

Protecting Your Computer from WannaCry

Due to the high number of cybercrimes attributed to the WannaCry ransomware, there are now a number of methods available to protect your computer. One of these solutions is a patch that actually became available two months before the WannaCry attacks began.

Microsoft Security Bulletin MS17-101 was released in March 2017. This update of the Windows implementation of the Server Message Block (SMB) protocol served to prevent WannaCry infection via EternalBlue, a software vulnerability in the Windows operating system.

There are also free tools like Infosec’s TearSt0pper and Bitdefender, anti-ransomware programs that can strengthen your system’s defenses.

The WannaCry Legacy Lives On

Although WannaCry has been mostly neutralized thanks to the advent of tools that protect computers from infection, WannaCry has recently reared its ugly head several times. Earlier this year, WannaCry infected Boeing Company systems, causing an alarming reaction.

Then, just a few months ago, there were reports of an email surge that warned users that their systems had been infected. Fortunately, these emails were proven to be false. They were merely the result of phishing attacks, although many of them included suspicious links to download software to prevent such attacks. Whatever the case, if you see one of these emails in your inbox, delete it immediately.

It’s a good thing that WannaCry ransomware is mostly history because it is extremely dangerous. But with cybercrime so prevalent, it’s only a matter of time before something equally unpleasant takes its place. With that in mind, be sure to do all you can to keep your computers safe.

About the Author

Marissa Bergen is a freelance writer from Brooklyn, New York. Passionate about everything from fashion to technology, her writing experience has increased her awareness of digital marketing, cybersecurity and the ever-expanding World Wide Web. She now lives in Los Angeles with her husband and two children. Google her to find out more about her writing and her other life as a bass player in her family band, The CheeseBergens.

 

Comments are closed.