The ransomware outbreak is ongoing and while researchers work to stem the tide of infection, businesses, governments, and individuals can help the cause by making sure they have protected themselves.
The attack is due to a kind of ransomware called Wanna Decryptor, also known as WannaCrypt, WanaCrypt0r and WannaCry. The malware not only infects targets through traditional means — such as phishing campaigns, malicious emails, and dodgy attachments — but once a system has been infected, the malicious code scans for additional targets through networks and jumps to fresh victims.
When a system has been infected with WannaCrypt, the malware encrypts everything it can — including the PC’s hard drive and any connected devices, such as USB sticks and external storage devices.
The ransomware then locks users out of the system, throws up a landing page and demands about $300 ransom payment in the virtual currency Bitcoin in return for files to be unlocked. This amount increases within few days if payment is not forthcoming. Users are also threatened with the mass deletion of files within a week if they resist paying.
The weakness was first revealed to the world as part of a massive dump of software vulnerabilities discovered by the National Security Agency (NSA) and then stolen by a group of hackers calling themselves “Shadow Brokers”.
Microsoft fixed the flaw shortly before the stolen data was published, leading many to conclude it had been surreptitiously tipped-off by the security agency about the existence of the flaw.
How to defend against the ransomware
- Always install updates
Companies often release software updates to fix vulnerabilities that can be exploited to install ransomware. It is therefore advisable to always download the newest version of a software as soon as it is available.
The vulnerability does not exist within Windows 10, but is present in all versions prior to that, dating back to Windows XP.
As a result, users of Windows Vista, Windows 7, and Windows 8.1 can easily protect themselves against the main route of infection by running Windows Update on their systems.
Users of Windows XP, Windows Server 2003 and Windows 8 can defend against the ransomware by downloading the new patch from Windows.
- Back up your files
The greatest damage people suffer from a ransomware attack is the loss of files, including pictures and documents.
The best protection against ransomware is to back up all of the information and files on your devices in a completely separate system. A good place to do this is on an external hard drive that isn’t connected to the internet. This means that if you suffer an attack you won’t lose any information to the hackers.
- Be suspicious of emails, websites and apps
For ransomware to work hackers need to download malicious software onto a victims computer. This is then used to launch the attack and encrypt files.
The most common ways for the software to be installed on a victim’s device is through phishing emails, malicious adverts on websites, and questionable apps and programs.
People should always exercise caution when opening unsolicited emails or visiting websites they are unfamiliar with.
- Use an antivirus program
An age-old computer security tip, antivirus programs can stop ransomware from being downloaded onto computers and can find it when it is.
Most antivirus programs can scan files to see if they might contain ransomware before downloading them. They can block secret installations from malicious adverts when you’re browsing the web, and look for malware that may already be on a computer or device.
Never pay the ransom
For those who have been infected, paying the ransom may seem a tempting way out of trouble. But experts recommend against doing so, arguing that not only does it not guarantee restoration of any files, but it also funds future crime.