“WannaCry”: Manhajar dake Garkuwa da Kwamfutocin Jama’a
Rahoto na musamman kan manhajar satar bayanai ta WannaCry. A sha karatu lafiya.
Jumma’a, 12 ga Watan Mayu, 2017
A safiyar jumma’a, 12 ga watan Mayu ne kasashen duniya suka wayi gari da labarin wata masifaffiyar manhajar kwayar cutar kwamfuta da ta kama wasu kwamfutoci a nahiyar Asiya. Kafin takewar rana, wannan manhajar kwamfutar cuta mai suna: “WannaCry” ta shigo nahiyar Turai, inda a karshe ta tike a nahiyar Amurka. Da zarar ta harbi kwamfutarka, za ta bayyana maka bukata ce da ke cewa: “An kulle dukkan bayanan dake cikin wannan kwamfuta (ko wayar salula) gaba dayansu. Kuma an baka daga nan zuwa kwanaki uku ko mako guda, ka biya dalar Amurka 300 ko 600, kafin a baka mabudan da z aka budo bayananka dasu. In kuwa ba haka ba, to, ka rasa su kenan.”
Zuwa ranar 19 ga watan Mayu (mako guda da bayyanarta kenan), kididdiga ya tabbatar da cewa wannan manhajar kwayar cutar kwamfuta mai suna: “WannaCry” ta harbi kwamfutoci sama da 230,000 dake warwatse a kasashe sama da 150. A kasar Ingila kadai ta harbi kwamfutoci sama da 70,000, ciki har da kwamfutocin asibitoci da manyan kamfanoni. Ba kwamfutoci kadai ba, har da na’urorin gudanar da bincike cututtukar kwakwalwa (MRI). An kuma tantance cewa, mako guda bayan bayyanarta, da aka bibiya lambar ajiyar banki da manhajar ke bayarwa don karban kudaden fansa, an gano cewa mutane 291 sun biya kudaden fansa da ya kai dalar Amurka 92,879.50 ($92,879.50), wanda yayi daidai da naira Miliyan 32,507,828.50 (N32,507,828.50), kimarsa a kudin Najeriya kenan.
Bayyanar wannan manhajar mai suna: “WannaCry” dai ya tsorata kasashen duniya, inda masana da kwararru a fannin tsaron bayanai (Information Security Experts) duka ta fadakar da jama’a kan muninta, da irin barnar da take haddasa da kuma hanyoyin da za a bi don kare kwamfutoci da ma wayoyin salula daga fadawa hannunta. Hatta a nan gida Najeriya shugaban Hukumar Bunkasa Ci Gaban Fannin Kimiyya da Fasahar Sadarwa (National Information Technology Development Agency), Dr. Isa Ali Pantami ya fitar da sanarwa don ilmantar da jama’a hanyoyin da suka kare kansu daga wannan fitinanniyar manhaja.
A karshe dai an samu damar cin lagonta, sanadiyyar wani yunkuri da wani masanin fannin tsaron bayanai dan kasar Ingila yayi, inda ya dakile ci gaba da yaduwarta, sannan aka ci gaba da bincike. Ya yi hakan ne kuwa ta hanyar yin nazarin gundarin bayanan da manhajar ta kunsa, wato: “Source Code,” inda ya gano cewa tana amfani da raunin dake tattare da kogon sadarwa mai suna: “Server Message Block” (SMB) dake babbar manhajar Windows ne, don dasa kanta da kuma yaduwa ga sauran kwamfutocin dake aiwatar da sadarwa da ita, kai tsaye, ko da a gida suke. Sannan ya gano wani adireshin yanar sadarwa na bogi da magina manhajar suka shuka a cikinta, wanda da zarar ta harbi kwamfuta ta shiga cikinta, za ta fara bin wannan adireshin yanar sadarwa ne, idan ta kasa isa gare shi (wanda daman baza ta iya samun shafin ba don ba a masa rajista ba, da gangan suka yi hakan), sai kawai da rusa cikin kwamfutar da ta harba, tare da yada manhajar zuwa dukkan kwamfutocin dake da alaka da ita ta fannin sadarwa (musamman a gajeren zangon sadarwa, wato: “Local Area Network” kenan).
Ganin haka yasa wannan kwararre yayi wa wannan adireshin yanar sadarwa rajista na musamman. Wanda kuma hakan ne yasa ya rage mata gudu, tare da dakile ta. Domin da zarar ta harbi wata kwamfuta, tana shiga sai ta nemi wannan adireshin yanar sadarwa. Da zarar ta same shi a Intanet, sai kawai tayi can, ta kama babatu. Wannan kuma ke baiwa masu kwamfutar damar cire dan abin da ta dasa a cikin kwamfutar, tare da wanke ta.
Asali da Samuwa
Wannan nau’in manhajar kwayar cutar kwamfuta ba yanzu ta fara bayyana ba. Tsohuwar zuma ce cikin sabuwar kwalba. Bayanai sun nuna cewa ta tun shekarar 2005 ta fara yaduwa, kuma tana cikin jerin nau’ukan kwayar cutar kwamfuta mai suna: “Ransomware”, wato manhaja ta musamman wacce ke harbar kwamfuta, ta nade dukkan bayanan dake cikin kwamfutar, tare da neman fansa daga masu kwamfutar, in kuwa ba haka ba, an rasa abin dake ciki kenan gaba daya.
Nau’ukan Ransomware
Akwai nau’in Ransomware guda uku, duk da cewa biyu daga cikinsu ne suka fi shahara. Amma duk da bambancinsu, abu ne daya ya hada tsakaninsu, shi ne nade bayanan kwamfuta (Encryption), tare da neman fansa.
- Adv -
Encryptic Ransomware
Wannan nau’i na Ransomware aikinta shi ne nade bayanan kwamfutar gaba daya, da zarar ta shiga ciki, tare da neman fansa daga mai kwamfutar, har sai ya fanshi bayanan sannan ya iya sarrafa su. Da zarar ta layance bayanan, za ta nuna masa sunayen nau’ukan bayanan da ta layance su: rubutattun bayanai, hotuna, sauti, bidiyo da sauransu. Za ka iya kunna kwamfutarka kuma z aka iya kashewa, amma baza ka iya sarrafa komai dake cikinta ba. Shahararru daga cikin wannan nau’i su ne: “CryptoLocker”, wacce ta fitini duniyar a shekarar 2013, ciki har da kamfanin Sony Pictures. Sannan akwai wacce ta bayyana cikin watan Mayu, wato: “WannaCry.”
Locker Ransomware
Wannan nau’i aikinta shi ne, da zarar ta harbi kwamfuta, sai ta kulle fuskar kwamfutar gaba daya; baka iya shiga ko ina, sannan ba ka iya shigar da kalmar sirrinka a shafin farko (Desktop). Sai dai ka ga sakon neman fansa kawai. Kudin fansa kawai ake jira. Shaharar wannan nau’i kadan ne, in aka gwama ta da wacce bayaninta ya gabata.
MBR Ransomware
Wannan ita ce nau’i na karshe, wacce bata cika bayyana ba. Amma ta fi sauran tsanani. Domin idan ta harbi kwamfuta, to, da zarar ka kunna kwamfutar, kafin ta gama tashi za a makureta, a aiko maka sakon neman fansa. Abin da take yi shi ne, tana zuwa can cikin bayanan dake motsa tashin kwamfuta ne, wanda ake kira: “Master Boot Records” (MBR), ta yadda da zarar ka matsa maballin kunna kwamfutar, su kuma za su fara motsa ta, tana motsawa, sai wannan manhaja ta MBR Ransomware ta makureta, ta kasa tashi.
Biyan Fansa
Bayyanar manhajar “WannaCry” ya zama sanadiyyar wayewa ga da dama cikin jama’a dake amfani da nau’rorin sadarwa, musamman kwamfuta. Domin masana sun sha nuna cewa idan har wannan manhaja ta harbe maka kwamfuta, to, kada ka biya kudin fansan, domin bayanai sun nuna cewa ko ka biya ma, ba za su bude maka bayananka ba. Sun dada fahimtar hakan ne ta la’akari da bayanan manhajar WannaCry, inda suka lura cewa, babu wata hanya da masu manhajar suka tanada don gano wanda ya biya kudin fansa da wanda bai biya ba. Su dai kawai kudin suke karba. In kuwa haka ne, ashe ko ka ko baka biya ba, ba bambanci, wai makaho yayi dare a kasuwa.
Hanyoyin Kariya
Bayanai sun nuna cewa wannan manhaja tana yaduwa ne ta hanyar sakonnin bogi na Imel (Spam Mails), da hanyar rariyar likau (Links) da ake aikowa zaurukan sada zumunta irin su Whataspp da Facebook da sauransu, da shiga gidajen yanar sadarwar da suka harbu da wannan manhaja, da kuma barin kwamfuta ba tare da sabunta babbar manhajarta ba (Update), sannan da amfani da tsohuwar babbar manhajar Windows XP.
Don haka sai a kiyaye; duk wani rariyar likau da aka aiko a “Group” a Whatsapp ko Facebook, in har baka bukaceshi ba, kuma baka amintu da wanda ya turo ba, to, kada ka latsa. Duk wani sakon Imel da aka aiko maka daga inda baka sani ba, ko baka amintu dashi ba, kuma ba kai ka bukata ba, to, kada ka bude, in ma ka bude aka ce ga wata rariyar likau (Link) nan ka latsa don shiga wani wuri, kada ka latsa. Ka rika sabunta babbar manhajar kwamfutarka, sannan idan babbar manhajar Windows XP kake amfani da ita a kwamfutarka, kayi kokarin canza ta, domin kamfanin Microsoft ya daina bata bayanan sabuntawa tun shekarar 2014.
- Adv -
