An insidious malware program has infected almost 200,000 computers in 150 countries, and Egypt is among the top 20 countries to be afflicted. Here's our guide on how to protect yourself from this growing threat.
A vicious malware bug traversed the computers of the globe this weekend, infecting machines at breakneck pace and striking fear into the hearts (and hard drives) of millions. At last count, over 200,000 machines in 150 countries have been afflicted with the incurable virus, WanaCrypt0r 2.0 (aka “WannaCry”), losing all their data to anonymous cyberterrorists. The ongoing attack is “unprecedented in its scale,” reports Europol Director Rob Wainwright. Unfortunately, the victim count is guaranteed to rise as the Western world resumes its regular workweek on Monday.
Cybersecurity company Kaspersky Lab reports that Egypt is one of the top 20 countries affected, though it acknowledges that the scope of its data is limited, and infection instances are likely higher than reported. Initial reports show around a thousand infections in Egypt. The ransomware has mostly been targeted at members of the healthcare sector due to the extreme importance of their data and thus, their willingness to retrieve it. An Egyptian pharmacy owner’s Facebook post asking for help went viral after his business computers were infected. He had been using Windows 7, but remarkably had a backup of his data. He was able to reinstall Windows and restore his data without paying the ransom, an extremely rare and fortunate outcome, given that very few people regularly back up their data.
"WannaCry" demands payment in exchange for the user's data, as seen in this screenshot from an infected computer in Egypt.
What is Malware?
Malware is a portmanteau meaning malicious software, which includes any software that aims to access and attack your computer. Ransomware is a specific type of malware that blocks a user’s access to their own data, usually through encryption, until a ransom has been paid. Most people don’t regularly back up their data, which means that the only way they can get it back is by paying the perpetrators for the decryption key. Payment is usually requested in Bitcoin, a digital cryptocurrency that cannot be tracked by experts. Worse still, ransomware will sometimes turn the infected computer into part of a botnet, essentially a computer zombie that attacks other computers to continue spreading the virus.
As of 2016, Egypt was North Africa’s top ransomware target, accounting for 18% of all infections in the region. Nearly 20,000 computers a month are infected in Egypt, according to cybersecurity analysts at Trend Micro, and there has been a staggering 54 percent increase in attacks since 2015. To counter this growing threat, Egyptian businesses and consumers alike need to be more vigilant in keeping their antivirus software current and original (non-pirated), and performing browser and system updates as soon as they are available.
What Makes WannaCry so Terrifying?
WannaCry, the ransomware causing the current pandemic, appears to be derived from hacking tools from the US National Security Agency (NSA), which were leaked online last month. The NSA has come under heavy criticism for failing to disclose software vulnerabilities discovered in US targets as the agency was developing its offensive tools. The infamous Edward Snowden tweeted that “despite warnings, [NSA] built dangerous attack tools that could target Western software. Today we see the cost.”
A 22-year-old security researcher from the UK known by the pseudonym 'MalwareTech' accidentally discovered the malware’s 'kill switch' by registering the nonsense domain name contacted by the software each time it infected a new computer. The domain registration cost him only $10, and temporarily halted new infections, although it could not save computers that had already been compromised. Mr. MalwareTech is being branded a hero, and will probably have a guaranteed job in internet security for as long as he wants one, or until the internet forgets this ever happened. Don’t breathe a sigh of relief just yet, though, as the threat is only neutralised until the cybercriminals patch their code.
How do I Protect Myself from WannaCry?
Firstly, be sure to back up your data as often as possible. For this to be effective, you need to back up your data externally, whether it’s on an external hard drive or computer not connected to the internet, or in the cloud (which has some vulnerabilities). Secondly, be incredibly cautious when opening email attachments, and don’t trust anything from anyone you don’t know. Better still, remain sceptical of suspicious-seeming files received from people you do know, as their computers may be compromised. Perform system and browser updates as soon as they are available. Delaying them only prolongs security vulnerabilities, which are more likely to be exploited the longer you wait.
If, for some unfathomable reason, you are still using Windows XP, 8, or Server 2003 (but why?!), you’re in luck, because Microsoft has released emergency patches addressing critical security risks in older, unsupported versions of Windows. It’s a shame that the WannaCry hackers felt the need to infect the entire world just to get patches for a few old versions of Windows, but we guess they got what they wanted. If you want those patches too, you can download them from Microsoft here. Please patch and restart your computers immediately or just like, install a newer version of Windows. Or Linux.
If your computer becomes infected with ransomware, be aware that there is no guarantee that paying a ransom will get you back your data. There has been no confirmation that the users who paid for WannaCry decryption keys were actually able to recover their digital property. Be sure to notify your IT department or authorised dealer of the threat immediately. And lastly, if you have a backup, remove your device from the network and restore it.
Programmers from around the world have been writing scripts to calculate WannaCry profits. At the time this article was published, the WCry criminals had extorted at least 22 BTC, or $40,000, from their victims. New variants of the virus are already being released, so back up your files and remain vigilant. If you don’t, you’ll probably want to cry.
Main image: Facebook