WannaCrypt ransomware or also called Wannacry is a type of malware virus that works by locking the computer so that it cannot be accessed by the user, then asking for a ransom to return their data that was successfully locked. According to Alfons Tanujaya, an internet security practitioner from Vaksincom, ransomware techniques are commonly used by malicious hackers to take the victims’ files, hostage.
the first document and example of ransomware are Trojan AIDS 1989, known as PS Cyborg. Joseph L. Poppransfer 20 thousand diskettes replaced with AIDS Information label – Introduction to Diskettes. Joseph sent a diskette to attend an international AIDS conference by the World Health Organization. After so many times the process of rebooting the PC, apparently, floppy disks with malicious programs or Trojans that damage and encrypt file names on the computer.
To get access to the file, users must pay USD189 to PC Cyborg Corp. Dr. Popp finally succeeded but has not been declared eligible to stand trial and accept Malware like the WannaCry Ransomware does not just appear. Malware emerges starting from the simplest form such as computer viruses that are increasingly “slippery”. Malware in the form of viruses has been made since the computer has not become a device that is used in general. Computer viruses, for example, occurred in the early 1970s. This virus named “Creeper”, was created by a man who worked in Cambridge, England, Bob Thomas in 1971. “Creeper” is not a virus in the true sense and purpose. Bob Thomas only experimented, creating programs that could duplicate themselves. This ability will later become one of the main characteristics of computer viruses and other malware. A decade ago, Rich Skrenta, a 15-year-old teenager from Pennsylvania, United States, tried something unique to put on his favorite game disk. Than just a fad, Skrenta’s work which became popular under the name “Elk Cloner” turned out to be quite serious.
Every computer with the Apple II operating system has the potential to be hit by an “Elk Cloner” attack that spreads through a floppy disk. This is the first real virus, troublesome buggers that spread wild in cyberspace. Towards the end of the 1970s, the digital sphere was still livened up by intrusive viruses that were deliberately created with a specific purpose. In 1987, for example, there was a virus called “Jerusalem”. The virus that can delete all programs on this computer is called “Friday 13th” because the peak of the attack occurs every Friday the 13th. Perhaps this name inspired the presence of a horror series from the United States of the same name, released in 1980 and had aired in Indonesia: “Friday the 13th “.
A year later, turn “Morris” or “Internet Worm” spread the US. One of these malware infects more than 6,000 computers in America, including NASA’s. “Morris” is one of the most dangerous viruses because it can paralyze all the tissues it possesses, at that time the losses incurred reached 100 million US dollars After a period of “trial and error” and “fad”, the creation and circulation of computer viruses increasingly massive entering the new millennium. Now, what is happening is spread no longer through floppy disks or similar external devices, but has become smoother as the internet is increasingly recognized as a miracle of the latest information technology.
In 2001, the entire White House was tantrum because the United States Presidential Palace official website was infected with a virus called “Code Red”. The site whitehouse.gov was hit by hacks and had the chance to make Uncle Sam’s country government distracted by securing their important data. “Code Red” has also successfully entered millions of computers in the world using the Microsoft Windows NT and Windows 2000 operating systems, “Renee C. Schauer said in an article entitled” The Mechanisms and Effects of the Code Red Worm “in the journal SANS Institute (2001) noted, the loss reached 2.6 billion US dollars!
One of the cruelest malware ever known spread in 2004. The malware called “MyDoom” was launched to infect computers quickly and spread via email through reflections without being noticed by the account owner. More than one million computers worldwide have this virus.
In 2008, America was shaken again. This time the acting is malware “Agent.btz”. Malware in the form of viruses that steal important data and confidential documents also can not interfere with the Pentagon security system. Reuters on June 16, 2011 Review of terror reports from malware linked to US wars in Iraq and Afghanistan.
The threat of “Agent.btz” which is also nicknamed “James Bond Virus” is indeed not a joke. So far, the United States Department of Defense has formed a special new unit to prepare for cyberattacks from the US Cyber Command. The United States that started with Israel then created a new virus with the name “Stuxnet” in 2010. In its development, this virus was also used to attack development facilities and uranium produced by Iran (Reuters, 24 September 2010).
Malware that is no less evil appeared in 2014. It was named “BlackShader” which approved the FBI which was recognized to have infected 100 countries in the world. Viruses that can take over computers or devices that have been launched are made by 5 people who have problems with the FBI.
“BlackShader” spread to various continents, from America, Europe, Africa, Asia, even Australia, thanks to the contribution of certain elements from all over the world. The Guardian (May 19, 2014) reports that more than 100 people from 16 countries have won it for opposing this dangerous campaign.
Now, malware with the label WannaCry Ransomware has attacked no less than 150 countries in the world, including Indonesia. Penans malware from Ransomware Wants to ask for money in the form of bitcoin if you want to be free of data hostages on an open computer. Freeing rejected hospitals are those who do not patch weaknesses in the computer operating system. Malware such as viruses to worms and others can fight.
Malicious programs or ransomware can infect victims ‘computers and take important files hostage to victims’ computers. To be able to access the file again, the victim must provide ransom by the amount specified by the attacker and must be paid within the specified time.
Wannacry ransomware is malware that enters a computerized system and encrypts all files on the computer so that it cannot be opened by the user. This malware not only attacks client computers but also attacks server computers where important data is held by the agency being attacked
How the Wannacry Ransomware Virus Works
If the computer has the following problems, the computer likely has Malware Ransomware Wannacry.
1. Programs and Tools Not Functioning
This malware will cripple some programs or tools that exist in the computer registry, so if your computer experiences it, your computer could be infected with this Wannacry Ransomware Malware.
2. Keyboard and mouse do not work
The Wannacry Ransomware Malware will turn off the keyboard and mouse functions so that you won’t be able to use the I / O device. The active keyboard keys are only the numeric and enter keyboard keys.
3. The existence of a Warning Message
The warning message sent by Wannacry Malware Ransomware is an acknowledgment that all who do it are law enforcers, not only that you will be asked to make payments so that your computer can be free from Wannacry Ransomware Malware.
Ways to Prevent To Avoid Wannacry Ransomware Virus
As we already know that lately the world is being confused and panicked by this Wannacry Ransomware virus attack, but before being exposed to the virus there are several ways to prevent it from avoiding this Wannacry Ransomware virus attack. Take the following steps to prevent this from being infected with the Wannacry ransomware malware:
- Disconnect the LAN / Wifi Cable
- Perform Data Backup
- Anti-Virus Update
- Update security on your Windows by installing Patch MS17-010 released by Microsoft. See: https://technet.microsoft.com/en-us/library/security/ms17-010.aspx
- Don’t activate the macros function
- Disable the SMB v1 function
- Block 139/445 & 3389 Ports 8. Repeat, always back up important files on your computer and save the backup elsewhere
Action After Infection:
Currently, there is no quickest and most effective solution to restore files that have been infected with Wannacry. However, disconnecting the internet connection from an infected computer will stop the spread of wannacry to other vulnerable computers. beware of this threat by doing the following:
- For PCs and other forms of Personal Computers and Networks not to be connected to LAN and the Internet first,
- First backup important data, • Make sure the anti-virus software has been updated and the security patch suggested by Microsoft is done first.
Wannacry infects a computer by encrypting all the files on that computer and by using weaknesses in the SMB service can execute commands and then spread to other Windows computers on the same network. All computers connected to the internet that still have this weakness, especially computers that are on the same network have the potential to be infected with the threat of Wannacry.
This ransomware virus has spread throughout the world, so it’s good and should be prevented before getting infected. Because if it has been hit then the files on the computer will be helpless in other words can not be opened.