
You’ve probably heard of ransomware; it’s absolutely everywhere right now. One of the biggest attacks was on the hospital system in the UK, where hundreds of computers were not only made basically useless but, more importantly, tons of documents containing patients’ information and test results were essentially lost.

This is not an isolated incident; it is happening worldwide. On May 12, a global attack was carried out in which more than 99 countries were affected and more than 75000 users were victims. It is not only affecting ordinary people’s computers, smartphones, tablets, and other online devices; it is also hitting institutions like banks and multinational companies.

These were the testimonials of some of the companies that were affected by this attack:

  • A number of NHS organisations have reported to NHS Digital that they have been affected by a ransomware attack (England).
  • “Like many other companies, FedEx is experiencing interference with some of our Windows-based systems caused by malware. We are implementing remediation steps as quickly as possible” (USA).
  • “Telecom detected a cybersecurity incident affecting the PCs of some employees within the company’s internal corporate network. Telefonica immediately activated the security protocols for this type of incident in order to resolve the problem as soon as possible” (Spain).

But what is Ransomware? How does it work? Is there any way to get protected from these attacks?

Ransomware is a sophisticated piece of malware that blocks the victim’s access to his or her files, with payment of a ransom presented as the only way to regain access. Once a device or system is infected it is paralysed, and there is no guarantee that paying the ransom will restore access or that the data will not be deleted. Ransomware attacks are typically carried out using a Trojan whose payload is disguised as a legitimate file.

There are different types of ransomware, but all of them will prevent you from using your PC normally, and all of them will ask you to do something before you can use it again. There are two types of ransomware in circulation:

Encryptors, which incorporate advanced encryption algorithms. They are designed to block system files and demand payment to provide the victim with the key that can decrypt the blocked content. Examples include CryptoLocker, Locky, CryptoWall and more.

Lockers, which lock the victim out of the operating system, making it impossible to access the desktop and any apps or files. The files are not encrypted in this case, but the attackers still ask for a ransom to unlock the infected computer. Examples include the police-themed ransomware or Winlocker.

They can target any PC user, whether on a home computer, endpoints in an enterprise network, or servers used by a government agency or healthcare provider.

Ransomware encryptors have been around for a few years now, but what’s different is that there’s a new, much more dangerous version around: “WannaCry”. It is built on an exploit found by the NSA called “EternalBlue”, which they presumably used for super-secret spy tasks. However, one of their servers was leaked by a hacker group called the Shadow Brokers, and many of their tools became publicly available.

EternalBlue is an exploit in Windows networking that is especially dangerous because you don’t have to be doing anything wrong to be affected. The good news is that Microsoft has already released a patch to deal with this exploit.

So it’s extremely important that you do everything possible not to be an easy target. Don’t open suspicious emails, don’t visit insecure web pages, and install all the updates for your computer on time.