Scribd
Upload
36 views

CYBERSECURITY ppt

The WannaCry ransomware attack in May 2017 infected over 230,000 computers in 150 countries, demanding ransom payments in Bitcoin. The attack exploited a vulnerability in Microsoft Windows, particularly affecting unsupported versions like Windows XP. Preventive measures include regular software updates, avoiding suspicious links and email attachments, and using updated internet security software.

Uploaded by

mustafashaha44
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
36 views

CYBERSECURITY ppt

The WannaCry ransomware attack in May 2017 infected over 230,000 computers in 150 countries, demanding ransom payments in Bitcoin. The attack exploited a vulnerability in Microsoft Windows, particularly affecting unsupported versions like Windows XP. Preventive measures include regular software updates, avoiding suspicious links and email attachments, and using updated internet security software.

Uploaded by

mustafashaha44
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
You are on page 1/ 14

CYBERSECURITY

CASE STUDY
REPORT
BY A R J U PAT H A N
Real Life Cyber Fraud Cases

case 1

WannaCry
ransomware
attack
 The WannaCry ransomware attack was a worldwide
cyberattack in May 2017.

 Attack wa done by WannaCry ransomware


cryptoworm.

 It targeted computers Running the Microsoft


Windows Operating System by encrypting data and
Dmanding ransom payments in the Bitcoin
cryptocurrency.

 The worm is also known as WannaCrypt.


Type of Fraud:
Ransomware Attack

o Ransomware is atype of Malware which prevents


you from accessing your device and the data stored
on it,usually by encrypting your Files.

o A criminal group will then demand a ransom in


exchange for Decryption.
• The attack began on Friday,12 May 2017,in asia at
07:44 am.
• The initial infection was likely through an exposed
vulnerable SMB port.
• Organisations that had not installed Microsoft’s
security update from March 2016 were affected
by the attack.
• Those who still running unsupported versions of
microsoft windows such as windows XP and
windows server 2003 were at particularly high risk
because no security patches had been released
since April 2014 for the same versions of Windows.
Number of Victims affected:

 As per the report,within a day, the code was


reported to have infected more than 2,30,000
computers in over 150 countries.
 A kaspersky Lab study reported ,however that, less
than 0.1 percent of the affected computers running
on windows XP and 98 percent were running on
windows 7.
Causes and Impact of the Attack:

• The attack was clearly initiated for ransom.


• The attackers demanded $300 worth of bitcoins
and then later increased the ransom demand to
$600 worth of bitcoins.
• If victims did not pay the ransom within three
days,victims of the WannaCry ransomware attack
were told that their files would be permannatly
deleted .
Impact of the Attack:

• The WannaCry ransomware attack hit around


2,30,000 computer globally.

• As the ransomware spread beyond


Eurpoe ,computer systems in 150 countries were
crippled. The WannaCry ransomware attack had a
substantial financial impact worldwide. It is
estimated this cybercrime caused $4 billlion in
losses across the globe.
Methods used by Attackers:

• The cybercriminals responsible for the attack took


advantage of a weakness in the Microsoft windows
Operating system using a hack that was allegedly
developed by the United States National Security
Agency known as Eternalblue.
• This hack was made public by a group of hackes
called the shadow brokers .
• It attacked systems which were’nt updated.
Preventive Measures

 Update your software and operating system regurly


If Operating systems are updated regularly,they
would have benefted from the security patch that
Microsoft release before the attack.

 Do not click on suspicious links


Clicking on unverified links could trigger a
Ramsomware download.
Preventive Measures

 Never open untrusted email attachments


Avoid opening any email attachments unless you
are sure they are safe.This is a common way a
ransomware and other malwares are spread.

 Do not download from untrusted websites


Downloading files from unknown websites
increaes the risk of downloading ransomware.
Preventive Measures

 Avoid unknown USBs


Do not insert USBs or other removal storage devices
into your computer ,if you do not know from where
they came from. They could be infected with
ransomware.

 Install/Update your internet security software


To ensure you recive the maximum protection your
interet security has to offer ( including all the latest
patches ) keep it updated.
Lessons learned

o Update Operating system regularly.


o Avoid clicking on suspicious links.
o Avoid opening untrusted email attachments.
o Avoid downloading from untrusted websites .
o Avoid using unknown USBs.
o Using a VPN when using public Wi-Fi.
o Install/Update your internet security software.
o Back up your data.
Reference

You might also like