TECH

Ransomware: What is it?

The global ransomware cyberattack known as “WannaCry” has paralyzed computers running Britain’s hospital network, Germany’s national railway and other companies and government agencies worldwide in what may be the largest online extortion scheme ever.

Ransomware is software that infects a computer and then demands the user pay to have their information restored. "WannaCry" infected computers are frozen and display a big message in red informing users, “Oops, your files have been encrypted!” and demanding about $300 in online bitcoin payment. (Bitcoin in a type of digital currency widely used online.) Victims have only hours to pay the ransom, which rises to $600 before the files are destroyed.

Twitter users around the world posted complaints about their computers shutting down and posted photos of the ransom demands on their computer screens.

Money has been trickling in, according to a Twitter account monitoring bitcoin wallets linked to the attacks, with victims paying nearly $39,000 by Monday afternoon in Asia.

Cybersecurity experts say the worm affects computers using Microsoft operating systems and takes advantage of a vulnerability in the software to spread the infection. “WannaCry” is particularly malicious because it takes just one person to click on an infected link or email attachment to cause the virus to spread to other machines on the same network.

Eiichi Moriya, a cybersecurity expert and professor at Meiji University, noted that many payments already were being made, but warned that paying the ransom did not ensure any fix, and suggested people keep data backups as the attack causes
encryptions.

“You are dealing with a criminal,” he said. “It’s like after a robber enters your home. You can change the locks but what has happened cannot be undone. If someone kidnaps your child, you may pay your ransom but there is no guarantee your child will return.”

The Associated Press contributed to this report.