What is WannaCry Ransomware & How Do I Protect Myself?

What is WannaCry Ransomware?

Most have heard of the cyberattack released on Friday, May 12, 2017, known as the WannaCry designed to target Windows operating systems.

This is a new strain of the Ransom.CryptXXX (WannaCry) strain of ransomware and it began spreading widely impacting many organizations mostly in Europe and Asia. Those affected include health care systems, banks, colleges, railways, police and more.

How does it work?

WannaCry will take over a machine, encrypting all files. Ransoms are demanded (via Bitcoin) in the amounts of $300 to $600 or the files will not be recovered. The conditions of the ransom are set so that if the ransom is not paid by May 15th, all files on the affected machine will be deleted. Should the deadline be missed, a higher ransom will be due by May 19th.

How to protect against WannaCry

Windows Updates

The most important action to take is ensuring you have installed all Windows security updates. Microsoft pushed out a security update in April 2017 designed to protect the latest versions of Windows from these attacks.

But what about older versions of Windows? Microsoft has taken the rare step of issuing security patches for older versions of Window’s they have retired such as Windows XP and Windows Server 2003. It is very uncommon for Microsoft to do this for operating systems that are pass end of life. This says a lot about how seriously the IT industry is taking this ransomware.

The Microsoft fix is MS17-010 and it’s recommended that everyone update their operating systems.

Antivirus Protection

If your computer(s) do not currently have antivirus protection, it is imperative that your machines are protected immediately.

Halski recommends antivirus applications such as Windows Defender, Bitdefender and Trend. All have been updated to include known variants and component detections into their latest definition updates.

Be Cautious

Users should be suspicious of all e-mails received, particularly those that ask the recipient to open attached documents or click on links. You should also be cautious when it comes to the websites you visit and be sure to turn on pop-up blockers.

If you have seen any nonstandard activity and believe your data may have been exposed, please contact the Halski Team.

Enjoy this blog? Please spread the word: