That's terrible the biggest ransomware attacks hits Indian companies

At look now how malware and ransomware works and what people can do if they fall victim to attacks.

More than 45,000 computers in hospitals, IT organizations, railway station networks, ATMs and even universities across 74 countries have been severely affected by the WannaCrypt ransomware worm also popularly called Warcry. This is the biggest ransomware attack recorded in the history.

What is WannaCrypt ransomware and how does it work?

   The WannaCry ransomware attack is an ongoing cyber attack of the WannaCry  ransomware computer worm, targeting the Microsoft Windows operating system, encrypting data and demanding ransom payments in the cryptocurrency bitcoin

The attack started on Friday, 12 May 2017 and has been described as unprecedented in scale, infecting more than 230,000 computers in over 74 countries. The bad hit countries are reported to the  Russia, India, Ukraine and Taiwan but parts of Britain's National Health Service (NHS), Spain's Telefonica, FedEx, Deutsche Bahn, and LATAM Airlines were hit, along with many others worldwide.

Ransomware usually infects a computer when a user opens a phishing email, and although such emails have been alleged to be used to infect machines with WannaCry.

Who might be behind the attack?

 The malware use a vulnerability identified by the US (National Security Agency) but it has been weaponised and discharge by someone entirely different. So far nobody seems to know who did it nor where they are.Mikko Hypponen, head of research at security company F-Secure, said its analysis of the malware had not revealed any smoking gun.We're tracking over 100 different ransom Trojan gangs, but we have no information on where WannaCry is coming from.

Indian organs attacked by WannaCry unwilling to pay bitcoins

 Many Indian companies compromised by the WannaCry cyber-attack were unwilling to pay bitcoins to recover their data fearing that using the unregulated virtual currency to settle the ransom 

 would only invite more trouble.

There’s also the matter of the three-day deadline for the ransomware to be paid from the time a computer is infected. For companies not already transacting in bitcoins, that’s too short a deadline.

Companies are responding in primarily three ways. Few companies have adopted a wait-and-watch approach, hoping that their data will be restored. A few companies have been paid the ransom and are waiting for their data to get unlocked. The most risk-intelligent performance are restoring data from their offline backups. 

 Ransomware encrypting files gets demands around $300 – $600 bitcoins for your encrypted data to  all over worldwide.