Increasing cyber-attacks – are we heading towards cyber doom?

The recent Petya ransomware tragedy that struck the computer systems worldwide, is the second largest cyber-attack after the WannaCry Ransomware that had hit the world last month.

The recent attack hit many countries, locking up the PCs and crippling enterprise-services. Ukraine and Russia were identified among the worst affected countries.

Based on the findings of security firm Kaspersky, the ransomware could possibly be a variant of Petya.D, Petya.A, or PetrWrap. Though it widely affected the systems just like WannaCry, but it is not its variant.

The Petya ransomware locks a computer’s files with a message and demands a ransom in lieu.

The attack reportedly started through an update that was used on a third-party Ukraine software, known as MeDoc. The software was used by many organizations in the country and is identified as the primary reason behind Ukraine being largely affected.

In Ukraine, government offices, banks, energy companies, cash machines, gas stations, railways, Chernobyl power and supermarkets, all were impacted.

Many multinationals like law firm DLA Piper, Mendelez International, Merck and shipping giant AP Moller-Maersk were also impacted.

Per Kaspersky, 60 percent of the attack hit in the Ukraine region while 30 percent was in Russia.

The ransomware reportedly used the EternalBlue Exploit – a software vulnerability in Microsoft’s Windows, just as in WannaCry attack. The tech giant had issued a security update for the same on March 14th – that is before the ransomware attack, and hence those who updated their systems were saved while others had to pay the cost.

The lack of proper security measures and failure to keep the systems updated are supposedly the major reasons behind the attacks.

Though the security agencies and cyber-police have not been able to find out the solution for decrypting the file, but have asked the users to be more aware of the ransomware and its effect.

The recent updates on the attack revealed that the attackers were hardly able to collect any ransom from the act. Some reports suggest that rather being a ransomware, it was a wiper whose primary aim was to cause destruction.

With global cyber-attacks that are crippling the backbone of many countries, one is left in doubt whether these are deliberate attacks of the cyber criminals to extort money or if there is some sinister ulterior motive behind all these attacks.

News Technology

The ransomware attack continues, affecting systems worldwide

The ransomware attack that hit the world computers on Friday affecting a lot of NHS trusts, is attracting a lot of concern from security agencies, government and IT companies, majorly because of the big data that they all deal with.

The malware operator called WannaCry or WanaCrypt 2.0 used an exploit that was leaked by a group called “ShadowBrokers” to run the malware into the computer systems of major hospitals, telecommunications, and courier services.

The malware uses strong asymmetric encryption via RSA 2048-bit cipher to lock files and then demands ransom in lieu of decrypting it. One of the identified ways through which the malware is spreading on unaware PCs is – email spams.

The attack was apparently brought to a halt by a researcher at MalwareTech – although he did not realize it at that time. The security researcher to track the traffic coming from the domain registered it which killed the ransomware. Though it could not save the already affected computers but proved to be a good way of discontinuing the spread.

What began with a security leak from the National Security Agency has till now affected more than 150 countries and the terror is not over yet.

Many reports suggest that the government data on legacy platforms that are more vulnerable to hacking attempts can be the ideal entry gateway for such attacks.

The latest virus is using a flaw in Microsoft Windows that was identified and stolen from the US intelligence. Microsoft recently launched its security patches in March and the users who upgraded the software with latest patches were saved from the attack.

Brad Smith, President and Chief Legal Officer at Microsoft, in a blog, said, “The governments of the world should treat this attack as a wake-up call. They need to take a different approach and adhere in cyberspace to the same rules applied to weapons in the physical world.

The latest reports identify new ransomware attacks as the week opens today after weekend including 29,000 infections in China, 2000 infected PCs in Japan and issuing of red-alerts in countries like India.

Page 2 of 2
1 2