Prabeer Sarkar
It could very well have been a blockbuster Hollywood movie script. Only it isn't. It's real and it's happening to us today.
Since May 12th, a ransomware dubbed WannaCry has been the ongoing sensational cyberattack, threatening 125 countries at the same time, with more than 2,00,000 incidents reported. A near cyber meltdown, the ransomware has virtually abducted IT systems in the health, telecom, transport, and business sectors, demanding a ransom of $300 (later raised to $600) per incident, payable in Bitcoins - the virtual currency.
Over the weekend of the 12th to 14th of May, the UK and Russia were reported to be the worst hit. From Monday, the 15th of May, as the world gets back to work, the situation is expected to escalate to even worse levels. News is circulating that a newer version of the ransomware has already been released.
Ransomware has been on IT security analysts' radar for some time now. In the last two years, however, it has gained extreme momentum. A large-scale ransomware attack was not totally unexpected. But WannaCry beat all expectations. It is a global attack of epic proportions. As a matter of fact, it shocked the security research and analysis community and caught it completely off guard.
Ransomware, as the name suggests, is very much like a real-life kidnapping or abduction that leads to a ransom demand for the release of hostages. In the digital world, cybernappers (as they may be called) kidnap data and systems by encrypting them. In more general terms, cyber criminals take control of a PC, a server, a network, a system, or a mobile device and encrypt it so that users no longer have access. They then demand a ransom in exchange for returning that control. The ransom is payable in a virtual currency, bitcoins. There is never a guarantee that paying the ransom ensures release of the data or the system. There is hardly anything victims can do apart from trying to restore the data or system from backups, if available.
Bangladesh is obviously under the ongoing WannaCry threat. If infected, it is good to know that bitcoins are not a recognised currency for us. There is no legal way in Bangladesh to attempt to recover data or a system from a ransomware breach by paying in bitcoins.
So how does this malware make its way into systems? How do the criminals hack into our systems? How do we get infected? In the first place, WannaCry did not hack its way in at all. It exploited a vulnerability in Microsoft Windows to steal in and take over, taking advantage of something like an unlocked door in the operating system. On March 14th Microsoft had released a patch update to block this vulnerability. But as usual, users en masse did not heed it or update. The cyber criminals behind WannaCry were fully aware of this human trait.
WannaCry is not over yet. It is an ongoing threat right at this moment. The best approaches to immediate protection are: (1) update the MS Windows OS, (2) keep a regular full backup, so that retrieval is possible, and (3) update the security software regularly. Apart from these, a general rule of thumb is not to open any files or email attachments that seem suspicious in any way.
WannaCry is not the last ransomware or cyberattack. There will be more attacks. The main concern is that IT security cannot be taken lightly anymore. There is no room left for that. We live in a digital world and there are no excuses for ignorance or lapses in digital security.
The writer is the CEO of Officextracts, distributor of Kaspersky Lab in Bangladesh and Bhutan.
Dhaka May 15, 2017.