Question
Last week, a massive cyber-attack known as the WannaCry Ransomware attack affected tens of thousands of users in over 150 countries around the world. It locks all the files on your computer and demands $300 in bitcoins to regain control. According to experts, this attack is spreading through a Windows weakness known as EternalBlue. Please click on the links below and use other resources if you wish to answer one of the following questions:
1- How does this attack occur and spread?
2- Why do you think they ask for bitcoins instead of other payment forms?
3- How do you protect your organization as well as yourself?
Explanation / Answer
1. Attackers targeted computers that are running on an outdated Windows platform. WannaCry Ransomware is standalone malware that replicates itself when entering one's computer. This can be defined as a worm. WannaCry spreads across local networks and the Internet to systems that have not been updated with recent security updates, to directly infect any exposed systems. This attack is based on the EternalBlue exploit, a vulnerability in Microsoft's implementation of the Server Message Block (SMB) protocol.
EternalBlue exploits a security loophole in Windows operating systems that allows malicious code to spread through structures set up to share files, such as dropboxes and shared drives for documents or databases, without permission from users. Using this security loophole, the worm spreads itself in the attacked computer, and it is also a network worm which has self-transportation capability over the internet. This transport code scans for vulnerable systems, then uses the EternalBlue exploit to gain access, and the DoublePulsar tool to install and execute a copy of itself.
2.
1. Bitcoins are like virtual money. Bitcoins are not actual physical coins; they are just lines of code. They are digitally signed from one owner to the next, but they're not regulated by any government and are largely anonymous.
2. They can't be used to identify you personally. Instead, whenever you trade in bitcoin, you use a so-called private key associated with your wallet to generate a bit of code called an address that is then publicly associated with your transaction but with no personal identifying information.
3. This means that it becomes harder to track the movement of the coins and see where the ransom payments are going after a point. These advantages facilitate the cyber criminals in asking for bitcoins.
3.
1. The most important aspect of protecting our computers against this kind of attack is keeping our operating system updated in a timely manner. All patches have to be installed and updated immediately after release.
2. Strengthen scan-and-detect defensive capabilities across the organisation. Ransomware is usually restricted to local hard drives or locally available shares. So a strong backup strategy would surely protect the data from intruders.
3. Installing an antivirus is important to fend off cyber attacks and infections from ransomware, and just like any other software, you would need to keep your antivirus up-to-date with the latest virus definitions to be properly protected.
4. Finally, user awareness is the key aspect that helps avoid these kinds of attacks. So the organisation has to conduct sessions regarding these attacks and discuss preventive measures.
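The answer describes transport code that scans for vulnerable systems over SMB and recommends stronger scan-and-detect capabilities; one way to detect that behaviour is to flag any host that contacts many distinct peers on TCP 445 (the SMB port) within a short window. This is an added example, not part of the original answer; the flow-log format, addresses, window and threshold are constructed assumptions.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

SMB_PORT = 445                   # TCP port used by SMB
WINDOW = timedelta(seconds=60)   # assumed sliding window
THRESHOLD = 20                   # assumed: distinct SMB peers per window that is abnormal

def parse_flow(line):
    """Parse 'ISO-timestamp src dst dport' (constructed log format)."""
    ts, src, dst, dport = line.split()
    return datetime.fromisoformat(ts), src, dst, int(dport)

def smb_fanout_alerts(lines, window=WINDOW, threshold=THRESHOLD):
    """Map each scanning source to the time it first reached `threshold`
    distinct destinations on TCP 445 inside one sliding window."""
    recent = defaultdict(deque)  # src -> (ts, dst) pairs still inside the window
    alerts = {}
    flows = sorted(parse_flow(l) for l in lines if l.strip())
    for ts, src, dst, dport in flows:
        if dport != SMB_PORT or src in alerts:
            continue
        q = recent[src]
        q.append((ts, dst))
        while q and ts - q[0][0] > window:   # expire old connections
            q.popleft()
        if len({d for _, d in q}) >= threshold:
            alerts[src] = ts
    return alerts

def sample_flows():
    """Constructed sample: one host sweeping a subnet on 445, one normal client."""
    base = datetime(2017, 5, 12, 9, 0, 0)
    flows = []
    for i in range(1, 41):       # 10.0.0.57 touches 40 different hosts, one per second
        ts = (base + timedelta(seconds=i)).isoformat()
        flows.append(f"{ts} 10.0.0.57 10.0.0.{i + 100} 445")
    for i in range(10):          # 10.0.0.12 keeps talking to a single file server
        ts = (base + timedelta(seconds=i * 30)).isoformat()
        flows.append(f"{ts} 10.0.0.12 10.0.0.5 445")
    flows.append(f"{base.isoformat()} 10.0.0.12 10.0.0.9 443")  # non-SMB traffic is ignored
    return flows

if __name__ == "__main__":
    for src, ts in smb_fanout_alerts(sample_flows()).items():
        print(f"{ts.isoformat()} ALERT {src}: >= {THRESHOLD} distinct hosts on TCP/445 in {WINDOW}")
```

A file server's clients talk to a few SMB peers repeatedly, so counting distinct destinations rather than connections keeps normal file sharing from triggering the alert.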