Pixabay/TypographyimagesRansomware is a serious threat to home and business networks today following WannaCry's spread in more than 150 countries around the world.
The locking or kidnapping process generally relies on frighteningly complex cryptography. We increasingly are among the first responders to attacks on the internet. If you're hit by ransomware, you may be able to decrypt your data without paying via a tool built by security firm Kaspersky. It secretly puts itself on computers and uses processing power to generate units of a digital currency called Monero.
If you're suspicious of an update notification thinking it might be malware or a phishing attack, you can easily verify by going to the software provider's website.
Cyber-attacks on the scale of WannaCry may remind organisations about the need to maintain their IT security. It is very important to keep systems firewalls, antivirus updated. The problem is once those vulnerabilities become public, they can be used.
Whatever the NHS does, it's clearly becoming a bigger and bigger risk to remain on Windows XP, and some action needs to be taken - this is about protecting vital patient data, after all. EternalBlue was developed - and kept secret by - the US National Security Agency (NSA).
That fix was released in March but - as with all patches - a significant number of Windows systems had not yet been updated. The whole WannaCry ransomware fracas could be just the beginning of things, if Shadow Brokers - the group of hackers which has previously leaked NSA tools and exploits, including the vulnerability used in WannaCry - has anything to do with it.
What did Microsoft know about all of this? IT users and businesses alike should consistently patch their machines with updates from Microsoft, especially those who are using older versions of the operating system.
The malware only affects Microsoft's Windows operating system, exploiting a vulnerability in it. Over the weekend, the firm made a decision to also release a similar patch for the XP system which the firm announced in 2014, it was no longer going to support. While all this sounds terrifying, Tarah Wheeler, security researcher and author of Women in Tech, said ransomware is in some ways one of the "most benign" types of malware - unless you run critical infrastructure like hospitals, of course. He noted, however, the complexity that can be involved in patching a security hole.
Victims of WannaCry - people who saw their data encrypted - had two options. You can either choose to decrypt your data, pay the hackers the ransom and encourage their vile activities, or you can choose to contribute to the greater good by having your data erased and starting all over again. Should I pay the ransom?
Ransomware is just one of the ways that cybercriminals profit from weak computer security. The cyber attack has also reignited the debate over whether or not governments should disclose vulnerabilities that they discover, instead of stockpiling them to use it to their advantage as and when needed.
It gets worse too.
Different versions are coming related to ransomware virus attack effect in India. But in this case, according to Kaspersky Lab, the shared code was removed from the versions of WannaCry that are now circulating, which reduces the likelihood of such a "false flag" attempt at misdirection.
How much money did the criminals make? American officials said Monday that they had seen the same similarities.
Sadly though you can't tell easily who owns a wallet, and would you be courageous enough to try and move the takings?