© Shutterstock
Do not cry, we're here to help you protect your PC and documents.
15 Mei 2017 13:45
One of the largest ever cyber attacks wrecked havoc and shut down tens of thousands of computer systems across the world. The Wanna Cry ransomware outbreak has infected the security systems of companies, hospitals, and schools and was known to exploit exposed documents from the US National Security Agency, NSA.
Citing a report from the Ministry of Communications and Information (Kominfo), in Indonesia the ransomware has attacked Harapan Kita and Dharmais Hospitals, both located in Jakarta.
Directorate General of Applications and Informatics, Samuel A. Pengerapan said that the raid was epidemic and massive, targeting the critical resource of those institutions.
"The attack could be categorized as cyber terrorism," Samuel told Merdeka.com.
Samuel explained that the ransomware works by infiltrating the device or network's security system, locking the computer, encrypting all the files and making them inaccessible.
WannaCrypt, or more popularas Wanna Cry, according to Kemkominfo, targets Windows-based systems that are weak on its Server Message Block (SMB), a software that is used to provide shared access to files in networked computer.
So, how did the virus spread in Indonesia?
WannaCrypt epidemic escalates after infecting computers by exploiting a Windows vulnerability involving the SMB protocol.
When it infects the system, WannaCrypt will encrypt the entire files on the computer and as the device is on file sharing protocol, the malware is possible to spread out to other Windows-based computers within the same network.
Photo: Kominfo.go.id
WannaCrypt will then take over the screen and show a message from the attackers saying asking for around 4 million Rupiah in form of bitcoins as a ransom to restore the documents they've blocked. The amount of ransom will increase if the demand is not immediately paid within the specified deadline.
To anticipate the attack, several things can be done. Here are some tips to overcome the attack, according to the Indonesia Security Incident Response for Internet Infrastructure:
1. Unplug the LAN cable OR Disable Wi-Fi connection
2. Back up your data!
3. Update your anti-virus
4. Update yout security on Windows by installing Patch MS17-010 by Microsoft MAKE SURE ITS ORIGINAL!
5. Do not activate macros function
6. Disable SMBv1 function
7. Block 139/445 & 3389 Ports
8. Then, repeat all the processes
And last but not least, Remember: always backup all important files on your computer and keep it in external hard drive or cloud service!
