Serangan siber WannaCry: Perbezaan antara semakan

Kandungan dihapus Kandungan ditambah
Tiada ringkasan suntingan
svg
Baris 56:
 
==Serangan==
[[Fail:Countries initially affected in WannaCry ransomware attack.pngsvg|alt=|thumb|Negara yang asalnya terjejas<ref>{{cite web|url=http://www.bbc.com/news/world-europe-39907965|title=Cyber-attack: Europol says it was unprecedented in scale|date=13 May 2017|publisher=|via=www.bbc.com}}</ref>]]
 
Pada 12 Mei 2017, WannaCry mula menyerang komputer di seluruh dunia.<ref>{{cite web|last1=Newman|first1=Lily Hay|title=The Ransomware Meltdown Experts Warned About Is Here|url=https://www.wired.com/2017/05/ransomware-meltdown-experts-warned/|website=Wired.com|access-date=13 May 2017}}</ref> Jangkitan awal mungkin melalui [[kelemahan (sains komputer)|kelemahan]] pada sistem pertahanan rangkaian ataupun [[phishing|serangan phishing]] yang dirancang rapi.<ref>{{Cite news|url=https://arstechnica.com/security/2017/05/an-nsa-derived-ransomware-worm-is-shutting-down-computers-worldwide/|title=An NSA-derived ransomware worm is shutting down computers worldwide|last=Goodin|first=Dan|work=ARS Technica|access-date=2017-05-14|language=en-US}}</ref> Selepas dilancarkan, perisian jahat itu mula-mula akan memeriksa laman sesawang "suis pemati". Jika ia ''tidak'' ditemui, perisian tebusan itu akan [[enkripsi fail|mengengkrip]] data komputer,<ref name=":1">{{Cite news|url=http://www.telegraph.co.uk/news/2017/05/12/russian-linked-cyber-gang-shadow-brokers-blamed-nhs-computer/|title=Russian-linked cyber gang blamed for NHS computer hack using bug stolen from US spy agency|work=The Telegraph|access-date=12 May 2017|language=en-GB}}</ref><ref name=syma/><ref>{{Cite news|url=https://www.nytimes.com/2017/05/12/world/europe/uk-national-health-service-cyberattack.html|title=Hackers Hit Dozens of Countries Exploiting Stolen N.S.A. Tool|last=Bilefsky|first=Dan|date=12 May 2017|work=The New York Times|access-date=12 May 2017|last2=Perlroth|first2=Nicole|issn=0362-4331}}</ref> kemudian cuba mengeksploitasi kelemahan SMB untuk disebarkan secara rawak ke komputer lain melalui Internet,<ref name=mbytes>{{cite web|last1=Clark|first1=Zammis|title=The worm that spreads WanaCrypt0r|url=https://blog.malwarebytes.com/threat-analysis/2017/05/the-worm-that-spreads-wanacrypt0r/|website=Malwarebytes Labs|publisher=malwarebytes.com|access-date=13 May 2017}}</ref> dan secara "lateral" ke komputer lain pada Rangkaian Kawasan Setempat (LAN) yang sama.<ref>{{cite web|last1=Samani|first1=Raj|title=An Analysis of the WANNACRY Ransomware outbreak|url=https://securingtomorrow.mcafee.com/executive-perspectives/analysis-wannacry-ransomware-outbreak/|publisher=McAfee|access-date=13 May 2017}}</ref> Seperti perisian tebusan yang lain, perisian ini memaparkan mesej memaklumkan kepada pengguna bahawa fail-fail mereka sudah dienkrip, dan meminta wang tebusan sekitar USD300 dalam bentuk [[bitcoin]] dalam masa tiga hari atau USD600 dalam masa 7 hari.<ref name=syma>{{cite web|title=What you need to know about the WannaCry Ransomware|url=https://www.symantec.com/connect/blogs/what-you-need-know-about-wannacry-ransomware|publisher=Symantec Security Response|accessdate=14 May 2017}}</ref><ref>{{Cite news|url=https://www.wsj.com/articles/more-cyberattack-victims-emerge-as-agencies-search-for-clues-1494671938|title=More Cyberattack Victims Emerge as Agencies Search for Clues|last=Thomas|first=Andrea|date=2017-05-13|work=Wall Street Journal|access-date=2017-05-14|last2=Grove|first2=Thomas|issn=0099-9660|last3=Gross|first3=Jenny}}</ref>