About The International Cyberattack

It all started with a security flaw in Microsoft’s Windows operating system, which hackers chose to exploit. Originally, the United States National Security Agency discovered this security flaw; afterwards, a hacking group calling itself the “Shadow Brokers” learned of the flaw, and the malicious software has since taken over many people’s devices. The group itself will remove the malicious software for a price of $300 – $600 in bitcoin; most criminals like to use bitcoin because it’s untraceable. It’s estimated that the group will have made 1 billion dollars from this scam.

 

What Is Ransomware?

In most attacks, hackers send out emails to their victims that include attachments or links to what seem to be harmless sources. In the case of this cyberattack, the group sent out encrypted .zip files to make its scheme more difficult to detect.

Victims who have clicked on the attachments find out that their computer files have been encrypted; they no longer have access to their data until the attack is released. They receive a pop-up message informing them about the attack and demanding a ransom to reverse it. This attack was especially bad because it could spread through all the devices linked to your network. Big organizations like hospitals were at greater risk of having the majority of their computers compromised.

 

What Do We Know?

  • Government agencies and companies among those affected included FedEx, Britain’s National Health Service, and the Russian Interior Ministry.
  • More than 45,000 attacks were recorded in almost 100 countries. Russia was hit the worst by far.
  • Microsoft issued a patch for the security breach after the attack.
  • The Windows patch won’t help any devices that are already infected.
  • At least 45 British hospitals and medical facilities were hit, and hit the hardest. The attack blocked doctors from viewing patient files, and emergency rooms had to divert all patients.
  • Patient data is still safe and nothing was stolen.
  • There are different branches of the malware, and as it spreads, the hacking group finds its flaws and fixes them, making it more powerful.

How Can We Protect Ourselves?

There are 2 things you can do to 100% guarantee that you won’t be infected by the malware. First, if you haven’t already installed the Microsoft Windows security update, do it now, because it has the patch for the security flaw. If you don’t know how to do it, you can hire a computer repair company to do it for you. Second, back up your files in different ways, such as online backup and offsite backup.

How Do Devices Get Infected?

The vast majority of Windows users got infected by email. The attackers sent out emails with encrypted .zip files. These emails were made to look innocuous so that the user’s suspicions weren’t raised. After a while, you would get a pop-up saying that your files were encrypted. EternalBlue is the name of the Windows weakness, and Microsoft has already patched it. The other way devices get infected is the attackers browsing the web, looking for vulnerable computers.

Has It Stopped?

The hacking group made a kill switch for the purpose of reversing everything they did, just in case something happened. A man by the name of “MalwareTech” found out that they had made the kill switch on a website with an unregistered domain. He proceeded to buy the domain and switch it off. This “kill switch” hasn’t stopped the malware fully, because it is only temporary. There are many versions of this malware, and stopping it isn’t quite as easy as it may seem.

A2Z PC Service is a computer repair shop in Toronto that specializes in all desktop and laptop computer repairs. It also provides virus and ransomware removal services. For more information, feel free to contact A2Z PC Service.
