March 18, 2020
WannaCry has been labeled as the most severe malware attack so far in 2017 by far, and the spread of this ransomware is far from over. In this post, we’ll take a look at exactly what WannaCry is, how it works, and how you can protect your computer systems from being held hostage.
The WannaCry virus, which started spreading globally late last week is a form of malware known as ransomware. It attacks vulnerable systems locking people out of their computers, encrypts all their files, and demands a ransom in return for a $300 bitcoin payment in return for a decryption key. Should the user not pay the ransom within three days, the ransom demand doubles to $600 and if not paid within seven days, all files will be deleted. The malware has infected over 200,000 systems in 150 different countries, shutting down everything from hospitals and mobile operators to car manufacturers, oil companies, universities, warehouses, and banks.
Though it might seem to only be an issue for governments, businesses, and large institutions, individual systems are indeed also at risk. WannaCry works by exploiting an old Windows OS flaw where the OS has not been patched or updated. Recent versions of the Windows OS should not be vulnerable to the ransomware as long as you’ve been keeping these systems updated. Older Windows OS versions including specifically Windows 8, Windows XP, and Windows Server 2003, are all vulnerable.
One thing is certain, technology and cyber security experts all agree – do NOT pay the ransom! When dealing with ransomware, you’re essentially dealing with criminals so there’s no reason to expect that they’ll uphold their end of the bargain.
In the case of WannaCry, your chance of getting your files back – even if you do pay – is about as close to zero as you’ll find because of the way the malware is designed. Matthew Hickey, a cyber-security researcher at UK-based firm Hacker House, explained to the BBC: "A manual human operator must activate decryption".
And, security expert Prof Alan Woodward from the University of Surrey also spoke to the BBC explaining that, “Victims are also expected to contact the criminals for a key to unlock their files. I very much doubt anyone would return your contact request, bearing in mind the attention that is now on this. If anyone pays this ransom they are more than likely going to send Bitcoin that will sit in an address for ever more. No point."
If you’re unsure about exactly what Bitcoin is and how it works and you'd like to know a little more, read our recent article offering a beginner’s guide to Bitcoin and what it means for ecommerce.
The most general rule to protect yourself from losing your valuable data has got to be to back it up. Constantly. The next rule of thumb is of course to keep all your software and operating systems updated.
To protect yourself from the immediate threat of the WannaCry ransomware:
While the malware seems to have slowed down, it’s important to remain vigilant as new iterations are regularly released following the first major attack. If you want to read more about the proliferation of ransomware and how you can protect yourself, read our recent article on the subject. One thing's for sure, you can never be too careful!