WannaCry Ransomware & how to protect your System
The WannaCry Ransomware Attack across 150 Countries.
Ransomware
Ransomware is a type of malicious software that carries out the cryptoviral extortion attack from cryptovirology that blocks access to data until a ransom is paid and displays a message requesting payment to unlock it.Simple ransomware may lock the system in a way which is not difficult for a knowledgeable person to reverse. More advanced malware encrypts the victim's files, making them inaccessible, and demands a ransom payment to decrypt them. It may also Encrypt Master File Table (MTF) or the entire hard drive.WannaCry Ransomware
The WannaCry Ransomware is basically developed by the WannaCry Team. Over 150 countries all over the world Including India is also affect cyberattack by the WannaCry ransomware cryptoworm (also known as WanaCrypt0r 2.0) which targets computers running the Microsoft Windows operating system, encrypting data and demanding ransom payments in the Bitcoin cryptocurrency.
The Ransomware campaign was unprecedented in scale according to Europol, which estimates that around 200,000 computers were infected across 150 countries. According to Kaspersky Lab, the four most affected countries were Russia, Ukraine, India and Taiwan.
Microsoft released a statement recommending users install update MS17-010 to protect themselves against the attack. In an unusual move, the company also made security patches available to the general public for several out-of-support versions of Windows, including Windows XP, Windows 8 and Windows Server 2003.
Coding
Although cybersecurity companies Kaspersky Lab and Symantec have both said the code has some similarities with that previously used by the Lazarus Group, (believed to have carried out the cyberattack on Sony Pictures in 2014 and a Bangladesh bank heist in 2016 – and linked to North Korea), this may be either simple re-use of code by another group, or an attempt to shift blame – as in a false flag operation.How to protect your System from the Ransomware attack
The WannaCry Ransome ware affect the Microsoft windows due the vulnerability in the microsoft windows. the latest update of microst soft includes the patch of the WannaCry Ransomware. So, the best and the easy way to protect your system from it is to update it to the latest version of Microsoft Windows if you have a genuine (Purchased) windows otherwise follow the steps down belowWanna Cry Ransomware Guidelines to stay safe :
- Be careful to click on harmful links in your emails.
- Be wary of visiting unsafe or unreliable sites.
- Never click on a link that you do not trust on a web page or access to Facebook or messaging applications such as WatSab and other applications.
- If you receive a message from your friend with a link, ask him before opening the link to confirm, (infected machines send random messages with links).
- Keep your files backed up regularly and periodically.
- Be aware of fraudulent e-mail messages that use names similar to popular services such as PayePal instead of PayPal or use popular service names without commas or excessive characters.
- Use anti virus and Always make have the last update.
- Make sure your windows have the last update close the gap.
if you did no't update your windows just turn off SMP
There are two methods to turn off SMP manually or Tools .
First Method :- Control Panel\Programs\Programs and Features.
- Remove check Box SMB1.0/CIF Filse Sharing Support.
- you must be restart your computer.
Download the SMB2 Diabler Tool
1. Run as Administrator.
2. First check if the Features is turn on !. when you run the tools will show this, if you see SMB2 currently enable so you must be Disabled it
3. SMB2 IS currently disabled.
4. You must be restart your computer.
Done! Now you are safe.
Don't forget to share this to your friends and protect them from the Ransomware attack.
-Sources taken from Wikipedia and Microsoft
