Zimbabwe is one of the countries hit by the massive cyber-attack called WannaCry ransomware which has attacked computers in 104 countries including Russia, the UK, Ukraine and China. In the UK, hospitals and medical practices were infected resulting in the cancellation of medical appointments.
A global cyber-security firm, Avast, reported over the weekend that more than 57,000 attacks have been detected so far.
A map of countries infected shows several African countries including Zimbabwe, South Africa, Tanzania, Angola and Nigeria on the list:
The main targets are however the countries in red.
What is this WannaCry ransomware
First, the concept of ransomware: Ransomware uses a typical ransom situation, except this is like a virus* that will block your access to files until you pay the person who unleashed it on your computer.
This WannaCry is doing exactly that. It is encrypting files and demanding that victims pay $300 worth of bitcoins to have the files unlocked. If you don’t know what bitcoin is, you can read more about bitcoin here.
Ransomware is normally targeted at businesses and important individuals who are generally perceived to have more to lose if they don’t pay the ransom.
Here’s a screen produced by WannaCry ransomware that’s asking for payment:
Ransomware type attacks are not new to Zimbabwe, and in fact we’ll explain in another article how this type of cyber-attack has been on the increase locally.
Who is behind the WannaCry Ransomware attacks
The tools used for this attack are suspected to have been stolen from the US government’s National Security Agency (NSA). The attack is taking advantage of a vulnerability in computers running Microsoft Windows.
Microsoft itself has issued an update of their software to plug the holes but there are lots of computers out there that are not updated for one reason or the other.
In Zimbabwe, many Windows computers stay unpatched. For consumers it is usually the problem of expensive mobile data which drives people to just keep Windows updates turned off altogether. For companies, it’s a combination of reasons, from ignorance to security just not being a priority.