What is malware and ransomware?
Malware is a general term that refers to software that's harmful to your computer, said John Villasenor, a professor at the University of California, Los Angeles. Ransomware is a type of malware that essentially takes over a computer and prevents users from accessing data on it until a ransom is paid, he said.
The WannaCry ransomware attack started on Friday, 12 May 2017, infecting more than 230,000 computers in 150 countries, with the software demanding ransom payments in the crypto currency bitcoin in 28 languages.How it Attack Computer what message it deploys?The initial infection might have been either through a vulnerability in the network defenses or a very well-crafted spear phishing attack. When executed, the malware first checks the "kill switch" domain name.
If it is not found, then the ransomware encrypts the computer's data, then attempts to exploit the SMB vulnerability to spread out to random computers on the Internet, and "laterally" to computers on the same network. As with other modern ransomware, the payload displays a message informing the user that files have been encrypted, and demands a payment of around $300 in bitcoin within three days or $600 within seven days.In most cases, the software infects computers through links or attachments in malicious messages known as phishing emails."The age-old advice is to never click on a link in an email," said Jerome Segura, a senior malware intelligence researcher at Malwarebytes, a San Jose-based company that has released anti-ransomware software. "The idea is to try to trick the victim into running a malicious piece of code." The ransomware encrypts data on the computer using an encryption key that only the attacker knows.
What should you do to protect yourself?
Authorities in the U.S. and U.K. have issued guidance on what to do.
Individuals and small businesses should:
Meskerem Alemu (CEH,CISA,MSCS)
Cloud computing is a prospering technology that most financial organizations are considering for adoption as a cost
effective strategy for managing Information Technology (IT). However, financial organizations such as banks still consider the technology to be associated with many business risks that a re not yet resolved. Such issues include security, privacy, legal, compliance and regulatory risks. Due to lack of professionals and adequate security frameworks in the area, the issue is getting scaled up to become a severe problem. In this research ,through conducting systematic literature review on cloud computing and banking industry security standards, policy and best practices coupled with interview as methods of data collection, we proposed applicable Conceptual Cloud Computing Security Framework for Banking Industry. The Sherwood Applied Business Security Architecture (SABSA) enterprise security model is used as a guide for designing the newly proposed security framework focusing on architects view of five basic security matrix question (What, Who, Why, Where, How). The proposed framework incorporates major component that addresses security, privacy, legal and compliance and regulatory issues.