Academic Paper Summary

The first page on the paper 

A Study of WannaCry Ransomware Attack written by Dr. Supreet Kaur Sahi. The paper identified hacking as a legal action for research testing, and so on. Cracking, on the other hand, is illegal hacking, which can happen by using a different mechanism; thus, different attacks might take place. One of which is malware that is used to take over a system. Therefore, As security measures, users must be aware before downloading from the internet or using the network. As security breaches could be physical, managerial, or technical. Furthermore, data needs to be encrypted prior to being sent outside the local domain. However, incidents could happen. Therefore, when identifying any threat, the security team should step to handle the situation. In May 2017, the WannaCry attack affected more than 2,00,000 computers in more than 100 countries, which an example of a security incident. The WannaCry attack begun by scanning for vulnerable TCP 445 on the public internet. It was a worldwide attack that targeted Microsoft Windows operating system. Furthermore, the WannaCry attack was a ransomware attack, which means that the data was encrypted, and a ransom payment in Bitcoin Cryptocurrency was asked in return for the decrypted key. One thing to notice is it was capable of spreading via the internet. Even though Microsoft Windows has released a security patch the day of the outbreak to contain the attack, the number of infected computers was rising. Many techniques were used in the attack. First, WannaCry has used DOUBLEPULSAR, which was used to access and execute the code in compromised systems. Along with the ETERNALBLUE module, which was used to exploit the SMB vulnerabilities and helped with installing the DOUBLEPULSAR's backdoor. Another fact the kill switch domain was found on May 14,2017, the difference on the domain was only two letters. Ransomware might carry out many threats, such as loss of sensitive information and financial losses, affecting the organisation's reputation. Therefore, protection measures should take place, installing antivirus, making sure it is up to date, taking a data back-up, and never opening attachments on unknown emails. To sum up, this paper has shown the WannaCry attack characteristics and ways to prevent such attacks.

References:

 Sahi, S., 2017. A Study Of Wannacry Ransomware Attack. [ebook] Available at: <https://www.technoarete.org/common_abstract/pdf/IJERCSE/v4/i9/Ext_89621.pdf> [Accessed 10 December 2020].