Cryptovirology

Before attending Flatiron School, I worked at a health care company. Our company received hundreds of attachments from health insurance companies each day. Even with the filters, scanners, and firewalls, we were still a victim of cryptoviral extortion. The IT department believed an employee opened an email containing the malicious software that encrypted all of our patients' files. We could not open anything except a text file that said to send them money or we would lose our files. Our manager did not want to send the ransom and did not believe we would get the decryption key if we did. The IT department had to restore the computers to an earlier backed-up version to get the files back.

We were attacked by malicious software called ransomware. The attackers block access to your files until you pay them a ransom in cryptocurrency. There is no guarantee they will send you the decryption key and no way to track the payment sent. This malware usually finds its way onto a computer disguised as an email attachment, but it can also get onto computers through exploits.

On May 12, 2017, over 300,000 computers were infected with the WannaCry ransomware. The attackers demanded that owners send $300 worth of bitcoin within 3 days or the ransom would double, and threatened to delete the files after 7 days. The worm spread automatically using an exploit found in computers running Microsoft Windows. Microsoft knew about the exploit and had released a patch in March, but a lot of people never updated their computers.
The United Kingdom’s National Health Service was hit by WannaCry and had to turn away patients. It accepted only patients with emergencies while it dealt with the worm.

The attackers received about $130,000 in payments with this attack.

There are many different types of ransomware. This is a copy of ransomware source code written entirely in JavaScript that I found on GitHub: https://github.com/bl4de/research/tree/master/raa-ransomware-analysis

After learning some JavaScript, I find it pretty cool to be able to understand some of the code. Learning how it works can help prevent and deal with future attacks.

The best way to handle ransomware is to prevent it from happening. Make sure to not ignore those annoying system updates.

Keep your computer and antivirus software updated to the newest version. Also, make sure to back up your files to an external hard drive.

Sources:
https://cacm.acm.org/magazines/2017/7/218875-cryptovirology/fulltext
https://en.wikipedia.org/wiki/Ransomware