A cyber attack “of an unprecedented level” attributed to the “WannaCry” software hit a hundred countries on Saturday, May 13, 2017. What is this malicious software and why does it take data hostage? Why should businesses try to remove ransomware before it even begins?
There is panic in the virtual world. On Saturday, May 13, 2017, a wave of “unprecedented” cyber-attacks hit hundreds of countries, affecting the operations of many companies and organizations, including British hospitals and the French manufacturer Renault. This attack has a special name: “ransomware”. How does it work? The malicious software locks and encrypts users’ files and forces them to pay a ransom ranging from hundreds to several thousand dollars, in the form of the virtual currency “bitcoin”.
In the case of this particular attack, the “pirates” requested a payment of only $300 dollars in bitcoins, to be paid within three days, before the price doubles. If the payment was not made within seven days, the pirated files would be erased. The authorities, of course, recommended to companies that they should not pay the ransom, which does not guarantee that their files will be returned to them.
Is ransomware a viable threat?
Many experts concluded, nevertheless, that despite the media noise these particular hackers produced, this type of ransomware did not have much of an impact “because” the amount they were asking for was too low. According to the latest count, only $6,000 have been paid to the hackers. However, attacks of the “ransomware” type exploded in 2016, sending crippling fear to the hearts of cyber security experts. These attacks affect both multinationals and individuals.
Where does this software come from?
According to computer security company experts, the latest attack was by a group of hackers calling themselves “Shadow Brokers”, which claims to have discovered a computer flaw in Windows’ systems. It is these “flaws” that allow hackers to access the contents of the computer before encrypting them. For a few years now, hackers have offered “ransomware” on the dark web ready for use and, therefore, it is accessible to all. This is to encourage the expansion of this new mode of piracy, now within the reach of everyone.