WannaCry ransomware is in the hype due to the severity of attacks on a wide range of private companies and public organizations located in different countries of the world. The motive behind spreading WannaCry ransomware is to demand money from the companies, as the companies will not be able to unblock systems or files once they get blocked by this massive ransomware. The attackers unblock the access after getting $300 from the victims.
This ransomware is also known as Wana Decrypt0r, WannaCryptor, and WCRY. It is highly recommended to update latest Windows patch if you want to protect your organization’s systems and data from WannaCry ransomware.
As Windows users are facing the threats of ransomware due to some zero-day exploits, they should take the backup of the entire system on regular basis. The backup should be kept on external drives to avoid the loss of the data.
There are several advanced countries that become victims of this massive ransomware, including USA, Germany, Italy, Turkey, Russia, Philippines and Vietnam.
About 1,600 US organizations, 11,200 Russian organizations and 6,500 Chinese companies are attacked by WannaCryptor, as per MalwareTech reports.
Attacked on the 16 hospitals in the United Kingdom and blocked the access of patients’ files from the computers.
The affected systems are Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 and R2, Windows 7, Windows 8, RT 8.1, Windows 10 and Windows Server 2016, as per reports of CCN-CERT.
The Modus Operandi of WannaCry Ransomware
WannaCryptor ransomware targets those systems that are vulnerable to NSA’s exploit EternalBlue. Some of the Windows users didn’t update the security patched released by Microsoft in March. The attackers are using this exploit to infect and block access to computers or to its files. Attackers demand $300 to remove the infection from the PCs and to unblock the access. But it is not guaranteed that the access will be unblocked after getting dedicated payment.
If ransomware could infect a single computer in the organization, the entire network gets vulnerable. Therefore, it is not safe to keep even a single computer with outdated security updates. It can stake the entire network security.