The Great Cyber Caper of 2017

On the 12^th of May, an unknown party, or parties, launched a cyberattack on an unprecedented scale the aftermath of which is still being felt despite many businesses and private computer users stepping up their cyber security policies.

Copyright: aetb / 123RF Stock Photo

Dubbed the WannaCry cryptoworm, the malicious software is said to have infected some 230,000 computers in 150 countries worldwide, spreading through networks and bringing affected businesses to a grinding halt by encrypting data and demanding a “ransom” of around $300 in return for releasing it. Desperate to have access to their data, many opted to pay the ransom but were never issued with instructions for decryption, and it has been theorised that the attackers themselves are not entirely clear on how to undo the damage done by the appropriately-named ransomware.

Since the attackers demanded that the ransom amount be paid in Bitcoin, a ubiquitous cyber-currency which is largely untraceable, no suspects have been identified at the time of writing and data recovery specialists are still scrambling to salvage what they can while cyber security firms are rushing to the aid of the organisations that have been targeted.

The attack has raised important questions regarding the efficacy of firewalls and antiviruses.

What exactly is ransomware?

Ransomware is a type of malware (malicious software) that encrypts data on infected machines, making it inaccessible to the user. The attacker then demands a sum of money, or ransom, in return for releasing the data.

Who is at risk?

Theoretically, anyone with access to a personal computer or laptop is at risk of falling victim to a ransomware attack, although businesses are at greater risk since malware is often promulgated through company networks.

How is the ransomware activated?

The ransomware is activated in a number of different ways, but generally results from opening an email attachment that contains the malicious software. Clicking on suspicious links can also lead to a ransomware attack.

What can I do?

According to CENTURION IT manager and network security specialist Paul Mearns, the majority of the WannaCry attacks occurred due to attachments from dubious emails being opened.

He stresses the importance of not opening emails if one is unfamiliar or uncertain regarding the source.

“Don’t open any attachments unless you are 100% sure that the email is safe and that you are familiar with the sender,” says Mearns, although he warns that even this is no guarantee of the mail’s integrity. 

“If you are unsure of something, contact your company’s IT department. We are here to help”.

For a full list of ransomware countermeasures, visit Microsoft’s website or click here.