Nearly 100 countries, including India, have been hit by a massive cyber-attack, which, according to experts, was carried out with the help of “cyber weapons” stolen from the US National Security Agency. The cyberattack was first reported in Sweden, Britain, and France, US media outlets reported.
Cyber extortionists tricked victims into opening malicious malware attachments to spam emails that appeared to contain invoices, job offers, security warnings, and other legitimate files. It has been reported that new ransomware, “Wanna Cry” is spreading widely. Wannacry encrypts the files on infected Windows systems. This ransomware spreads by using a vulnerability in implementations of Server Message Block (SMB) in Windows systems.
This exploit is named ETERNALBLUE. The ransomware WannaCrypt or Wanna Cry encrypts the computer’s hard disk drive and then spreads laterally among computers on the same LAN. The ransomware also spreads through malicious attachments to emails.
An increase in activity of the malware was noticed on Friday, security software company Avast reported, adding that it “quickly escalated into a massive spreading”. Within hours, over 75,000 attacks have been detected worldwide, the company said. Meanwhile, the MalwareTech tracker detected over 100,000 infected systems over the past 24 hours.
According to cyber swachhta Kendra, the file extensions that malware ‘Wanna cry’ is targeting contain certain clusters of formats like:
1. Commonly used office file extensions (.ppt, .doc, .docx, .xlsx, .sxi).
2. Less common and nation-specific office formats (.sxw, .odt, .hwp).
3. Archives, media files (.zip, .rar, .tar, .bz2, .mp4, .mkv)
4. Emails and email databases (.eml, .msg, .ost, .pst, .edb).
5. Database files (.sql, .accdb, .mdb, .dbf, .odb, .myd).
6. Developers’ source code and project files (.php, .java, .cpp, .pas, .asm).
7. Graphic designers, artists, and photographers files (. vsd, .odg, .raw, .Nef, .Svg,. psd).
8. Encryption keys and certificates (.key, .Pfx, .Poem, .p12, .csr, .Gpg,. us).
9. Virtual machine files (. vmx, .Vmdk,. video).
Kindly do not open any email attachments unless thoroughly scanned with a paid antivirus application whose virus definitions have been thoroughly updated. In addition, do not open or run any attachments with the tasksche.exe file. We have also attached the industry’s best practices & know-how on ransomware mitigation.
A massive cyber-attack has affected nearly 100 countries, including India, causing widespread disruption and security concerns. The attack highlights the critical need for robust cybersecurity measures and emphasizes the importance of staying vigilant and proactive in protecting digital assets and sensitive information. Organizations and individuals must prioritize cybersecurity practices to safeguard against future threats and ensure the integrity and confidentiality of their data.
Frequently Asked Questions
Q1. How will you help raise awareness of cyberspace?
One way we can all practice cyber safety is by using strong passwords. Because, let’s face it, managing passwords is something we all detest, password security is simple to neglect. However, using outdated or shared passwords may offer hackers access to every aspect of your digital life.
Q2. What is Cyber Security Kendra bot removal, exactly?
The Government of India through CERT-In recommends downloading the “Free Bot Removal Tool” from csk.gov.in to protect your device from botnet infections and malware. The following is a list of the programs available for downloading from the Cyber Swachhta Kendra (CSK) website that may be used to clean your computer of viruses.
Q3. What exactly are bot attacks?
An automated script is used to disrupt a website, steal data, make fraudulent transactions, or carry out other harmful operations in a bot attack, a sort of cyberattack. Websites, servers, APIs, and other endpoints are just a few of the various targets that these attacks may be used against.