Ransomware Virus infection hits

Ransomware threat far from over, as it hits Starting Friday and continuing today 5/15/2017, as unprecedented cyber attacks disabled computer networks in at least 150 countries, including the U.S. 

Cyber-secuirity firm avast has reported 75,000 cases and expects that number to rise greatly.

At the risk of giving the hackers that created the virus Ransomware bragging rights and encouraging them to create yet another version, the name of the virus is WannaCry and several copycat versions have been created globally.

There are reports of major attacks in several countries including Russia and China, indicating the hackers seem to have no nationalistic loyalties/ the usual suspects are not to blame. The ransomware attacks are also known as WannaCry, WanaCrypt0r and WCry are sweeping the globe.

Ransomware works by infecting a computer, locking users out of the system (generally by encrypting the data on the hard drive), and then holding the decryption or other release key ransom until the victim pays a fee.

While initially popular in Russia,  ransomware scams have grown in popularity internationally and are used by hackers in every nation. In June 2013, security software provider McAfee released data showing that it had collected more than 250,000 unique samples of ransomware in the first quarter of 2013, more than double the number it had obtained in the first quarter of 2012. Wide-ranging attacks involving encryption-based ransomware began to increase through Trojans such as CryptoLocker, which had procured an estimated US$3 million before it was taken down by authorities. also CryptoWall, which was estimated by the US Federal Bureau of Investigation (FBI) to have accrued over $18m by June 2015.

The ransom being demanded in this latest series of attacks is $300 to 600 USD depending on if the victim is a citizen, corporation or government department and is demanded in Bitcoin , which has become a very popular payment method for these type of attacks. The hackers have thus far only pulled in about $26,000 USD from this most recent attack as of Saturday morning, this is both good and bad as in hacker circles the bragging rights are a major part of the payout with anonymous hacker I.D’s gaining notoriety among their peers for the most destructive/profitable viruses. Yes, it may be sparing financial suffering but a hacker with this level of skills will no doubt be unsatisfied with the results and grind long and hard towards the creation of the next one they create unless the damage/destruction it causes can replace the monetary value.

wannacry_05-1024x774

The biggest victim so far seems to be the  National Health Service, in Scotland it is known as NHS Scotland. Which saw many of its services grind to a complete halt, while many systems were restored by Monday morning, many surgeries including one man’s heart operation were canceled. It is unclear what effect this attack will have on hospital wait times and what backlogs may result. Several levels of the NHS are still reaching out for emergency assistance.

Other victims include fed-ex mail postal services, provincial and federal government agencies as well as several corporations and while they are still trying to deny it most likely to prevent a run on the banks, banking institutions are being affected as well, with the sources of this information being various banks staff tweets on social media.

Some reports claim Russia have seen more infections than any other single country. Domestic banks, the interior and health ministries, the state-owned Russian railway firm and the second largest mobile phone network were all reported to have been hit.

Russia’s interior ministry said 1,000 of its computers had been infected but the virus was swiftly dealt with and no sensitive data was compromised.

Both business and personal computers are being affected as well service vending machines a  local railway ticket machine in Germany also fell victim to the attacks.

Follow this link to understand further and take steps to protect yourself https://www.facebook.com/computerclinicbicester/posts/1013251972151459

Vladimir Putin in an ironic turn of events has come out swinging and blaming the U.S for the attacks citing the N.S.A’s creation of the malware. He was quoted as saying, “Malware created by intelligence agencies can backfire on its creators,” said Putin, speaking to media in Beijing. He added that global leaders needed to discuss cyber security at a “serious political level” and said the US has backed away from signing a cyber security agreement with Russia.

This accusation may fuel the ever increasing claims that governments around the world are engaging in cyber warfare that puts business and citizen users at high risk of becoming fallout victims.

Cyber warfare is defined as “actions by a nation-state to penetrate another nation’s computers or networks for the purposes of causing damage or disruption” but other definitions also include non-state actors, such as terrorist groups, companies, political or ideological extremist groups, hacktivists, and transnational criminal organizations.

Some governments have made it an integral part of their overall military strategy, with some having invested heavily in cyber warfare capability.] Cyberwarfare is essentially a formalized version of penetration testing in which a government entity has established it as a warfighting capability.

This capability uses the same set of penetration testing methodologies but applies them, in the case of United States doctrine, in a strategical way to

  • Prevent cyber attacks against critical infrastructure
  • Reduce national vulnerability to cyber attacks
  • Minimize damage and recovery time from cyber attacks

Offensive operations are also part of these national level strategies for officially declared wars as well as undeclared secretive operations.

The attacks are far from over and industry insiders and leaders are warning the severity will only increase today 5/15/2017 as people head back to work and switch on their computers. Cyber security experts said the spread of the ransomware had slowed since its appearance on Friday but that the respite might only be brief as the attackers or copycat attackers may have developed new versions.

Apple users are also vulnerable to WannaCry-type attacks, says cyber security expert Aleksandr Yampolskiy

“That’s a common misconception,” Aleksandr Yampolskiy, founder, and CEO of SecurityScorecard, said on “Squawk Box,” when asked if Apple users can’t be affected by other cyber attacks. “It happens that this attack is targeting the Windows computers. … But Apple is absolutely vulnerable to similar types of attacks.”

His main advice to users is to “Think before you click” don’t just click randomly click links or attachments you do not know and apply the latest patch as advertised by https://www.facebook.com/computerclinicbicester/posts/1013251972151459

We at https://www.facebook.com/gorillatactics77/?ref=br_rs  / www.finleymediasolutions.com are insisting all of our clients, indeed every internet user forwards this article and take the steps included within in it to protect your systems. Whether you are a home or business user DO NOT procrastinate DO NOT do it later PLEASE start being vigilant now and take steps to protect yourselves and your investments 🙂 We wold also like to offer our assistance at a reduced to rate to any company or charity who has had their online presence affected negatively by this virus.

Follow this infographic courtesy of  https://www.europol.europa.eu/about-europol/european-cybercrime-centre-ec3 to lessen your chances of being infected by future versions of the virus.

18486444_1014386802037976_1198054366093582596_n