Into the core: how did ransomware attack so swiftly?
TECH & SCI
By Gong Zhe

2017-05-14 22:27 GMT+8

Ransomware has finally earned world-wide fame, as WannaCry, the latest variation, has affected more than 200,000 victims in 150 countries and regions.
Instead of destroying your computer like old-school viruses, or taking control of your machine to do bad things like zombie networks, black-hat hackers now have a much better tool to gain illegal profits.
Just encrypt everything in your system with a military-level algorithm, and then ask you to pay a ransom for the decryption password. Easy and efficient.
An IT researcher shows on a giant screen a computer infected by ransomware at the National Institute for Research in Computer Science and Automation in Rennes, on November 3, 2016. /VCG Photo
"Ransomware" is no new thing. CERBER, Crypt0L0cker, Reveton, VVV, TeslaCrypt...just to name a few. The concept was born before 2000, but only became a severe threat to normal users in around 2013.
The reasons for the WannaCry plague could be distilled into three points.
1. The NSA leak (likely)
It's widely believed that WannaCry spread so fast because it exploited a Windows loophole leaked from the United States' National Security Agency (NSA).
No wonder we're vulnerable this time. It's technology from the US military.
Though not yet confirmed, blame has been put on the NSA all around the web.
But you don't need to worry about the loophole anymore, as Microsoft has already issued a free patch for you to install. And even if you can't install updates to your system, there's another method to lock WannaCry out.
00:01
01:07
01:07
  • Auto
  • 720p HD
  • 360p SD
  • 180p 3G
 
Steps to block port 445 on your computer and stay safe. /CGTN Video
2. The widespread usage of Bitcoin
Pay me while not knowing who I am.
Bitcoin itself is not evil, but its anonymity can be misused by evil people.
The first widespread ransomware that used Bitcoin as a payment method was Crypt0L0cker. Dell SecureWorks estimated that the criminals behind Crypt0L0cker gained millions of US dollars through the digital currency.
Is there a way for Bitcoin to prevent being used for nefarious purposes?
VCG Photo
3. Evolution of computer hardware
Sadly, your shining new CPU, and SSD storage, can also make you a ransomware victim, because it encrypts your files so fast that you won't realize.
Ransomware uses aggressively complicated algorithms for encryption to make sure you can't solve them. But the payback is slow encrypting speed.
It is only possible to encrypt all files without a user noticing on modern PC hardware.‍
So if your computer suddenly becomes strangely slow, maybe you could force a reboot to save most of your files from WannaCry.

READ MORE