The recent global ransomware attacks have well and truly taken the media by storm – and for good reason! The WannaCry/ WannaCrypt/ WannaCrypt0r ransomware virus/worm has hit countless victims the world over, and has left businesses and the general public in a spin about the security of their devices.
However when you know how to protect your devices from viruses and malware, you stand a true fighting chance of having these nasty gremlins pass you by.
So what’s currently happening?
As you’ve probably heard, there’s a new and particularly damaging ransomware worm (a kind of self-replicating virus) doing the rounds called WannaCry/WannaCrypt/WannaCrypt0r. It’s reported as having started on 12th May 2017, and seems to be targeting older – or unpatched – versions of Windows.
What ransomware does is that it encrypts files on an infected computer, rendering them total gibberish without a decryption key which is needed to put the files “back together.” The hackers behind any ransomware attack claim that they will provide a user with the decryption key in exchange for (usually) money. They’re effectively holding the owner’s valuable files for ransom – hence the name.
The WannaCry hackers are claiming that they’ll decrypt a computer’s files if the user coughs up around £230 worth of Bitcoin within three days. Failing that, the hackers will raise the price after 3 days to around £465; and if payment isn’t made within seven days, then the files will be encrypted – and therefore lost – forever.
The “launch” on a Friday and the 3-day time limit are most likely deliberate, in order to potentially cause the most damage and make the scheme the most profitable by the time work came around on Monday 15th.
Once a machine is infected, WannaCry (as with most ransomware) explains that the computer’s files have been encrypted and demands payment. Experts are advising not to pay the ransom; this kind of extortion is a crime, and it’s unfortunately quite unrealistic to expect the hackers to play fair and simply let you have your stuff back.
How does WannaCry/WannaCrypt Spread?
It’s reported that WannaCry is chiefly gaining access through infected email attachments (even mundane looking Word Documents and PDFs), and once one machine within a network is infected, it looks for other potential victims “laterally.” This basically means that it looks for other machines on the same network to spread the infection.
This is part of the reason why larger organisations have been hit so hard – the larger the network, the more prospective lateral infections. It’s very much a “the bigger they are, the harder they fall” kinda deal.
The WannaCry worm doesn’t appear to pose too much of a threat for individuals using recently updated Windows 10 systems, rather focusing on older Windows versions that may not have up to date security provisions. XP users seem to be the hardest hit and therefore the most at risk, but be on your guard whatever version you are using; stay safe – you don’t know what other threats are around the corner.
Let’s take a look at how small businesses and individuals can protect themselves from viruses, malware, and ransomware threats.
How can I protect my small business from ransomware?
Becoming familiar with good online security practices is your best bet to avoid any future issues. The tips below are good security practices to follow at all times – not just against WannaCry and even if you are not using a Windows operating system.
- Run Windows Update (or your OS’s updating function) to get the latest security updates for your operating system. If you also rely on other software packages (such as Microsoft Office) also keep them up to date too. See below for more information about updating and patching – especially for those using Windows XP.
- Keep all anti-virus, anti-malware and firewall software on your machines up to date. If you don’t already have any of this software – get some now! There are many excellent, free, anti-virus tools available that you can find with a quick online search. You may also want to set these programs up to scan regularly once a day or once a week. Yes – NOW! I’ll wait.
- Never click links or download files/attachments from suspicious looking websites or emails, and make sure that your team are also informed to do the same.
- Take stock of all of the devices that you and your team use for work purposes and those that are attached to your internal networks. What operating systems do they run? What anti-virus and firewall provisions do they have in place? Make sure that their operating systems and anti-virus software is kept up to date regularly.
- Understand the infrastructure of your internal network and how your company’s PCs communicate with each other. This may be good to know, i.e., how and where to stem any potential flow of the virus should one machine on your network become infected.
- Back up all of your important data, and commit to doing so regularly. There are a number of tools out there that can help you backup your data automatically. Always keep at least one recent backup separate from your PC or network, and never plug in a good backup drive into an infected machine.
- Avoid downloading any files from unknown or untrusted sources – especially files with an .exe extension.
Larger organisations should speak to the company or department that looks after their IT solutions immediately to assess the potential risk that WannaCry and other threats may pose and help plug any potential security holes.
Protecting Your Computer from WannaCry
So how do you protect against the WannaCry threat specifically?
If you are using an older version of Windows, consider upgrading to the newest version your PC can handle. Remember that XP users appear to be particularly at risk. Even though official support for XP ended 3 years ago, Microsoft have taken the rather unprecedented move of providing a patch (link below).
Windows XP, 8, and Server 2003 Users: Be aware that your version of Windows requires patching immediately to stay safe. Check this Microsoft TechNet post to find the right patch for your systems and install it immediately.
Windows Vista, 7, 8.1 & 10 Users: If you follow the above pointers and run Windows Update to make sure you have the latest version of your OS, you should be protected. Don’t forget to update your anti-virus software too!
Mac and Linux users are reportedly so far unaffected, but it still pays to follow the online security pointers above.
[bctt tweet=”Worried about the latest #WannaCry threat? Read this guide to keeping ransomware at bay” username=”yellbusiness”]
I sincerely hope that WannaCry doesn’t pay you a visit. At the time of writing, there appear to be ways to remove the infection, but sadly not to restore encrypted files.
However, following good online common sense will help keep you as protected as you can be. Be safe out there.
Further Reading
The Guardian
Computerphile YouTube Video
Readers! What WannaCry concerns do you have? Do you know anyone who has been hit? What steps have you taken to protect yourselves? Let’s discuss in the comments.