An aggressive new strain of ransomware is shutting down Windows operating computers all over the world. Although the virus known as WannaCry has already infected over 75,000 PCs in 99 countries, it is actually not that hard to secure your digital data.
The latest ransomware employs asymmetric encryption to hold the target’s information for ransom, using a pair of keys uniquely generated by the attacker for the victim. The attacker makes the private key available to the victim only after the ransom is paid – or very likely does not.
Here are some easy steps to protect your machine and secure your files from falling hostage to online scammers.
Security experts advise to install the Microsoft fix—MS17-010—right away. Following the installation, make sure to reboot the system.
The patch that closes the backdoor used by WannaCry to penetrate the system was released by Microsoft on March 14 – apparently shortly after the NSA became aware that its exploit has been stolen, and roughly a month before the Shadow Brokers hacking group exposed it to the world.
Regarding today's ransomware nightmare, it's very bad. Apply MS17-010 immediately, and urgently!
— Ryan Naraine (@ryanaraine) May 12, 2017
In general, patching your system and installing regular Microsoft updates should secure an average PC user from unwanted vulnerabilities.
Just as with many other ransomware, the virus can penetrate the system not only through a Windows vulnerability, but also through the “spray-‘n’-pray” phishing attack, which involves spamming users with emails that carry a malicious attachment. The attackers can also lure a victim to click on a URL where malware will be ready to crawl into your machine.
— RT (@RT_com) May 13, 2017
Because ransomware targets everyday Internet users, businesses and public service providers, any individuals or organizations that needs continuous access to its systems should be especially careful what sites they visit and which attachments they open up.
It is highly advised, in order to protect yourself from being held hostage to data thieves, to create secure backups of important data on a regular basis. Simply backing up is not enough though, as physically disconnecting the storage device is required to avoid it being infected with ransomware as well. Cloud storage is another option to use, but it makes your data vulnerable to all other kinds of attacks.
#3 Don’t pay ransom!
This one is quite simple – there’s no guarantee that victims will get their data back even if they caught up cash cyber crooks demand from them. Plus there is no guarantee that the attackers won’t strike you again or demand more.
#4 Install antivirus (at least a trial version)!
Make use of your antivirus software’s ransomware removal tool, which should scan for and wipe out any ransomware attempts found on your computer.
Most paid subscriptions use real-time protection to keep their clients. Even if ransomware gets past your antivirus, chances are good that within a short while an automatic antivirus update will clear the intruder from your system. Most antivirus companies offer trial versions free of charge to test before subscribing for a paid service, which should be enough if one needs to urgently remove a stray malware.
Ransomware known as WannaCry, Wanna, or Wcry went on a global cyber infection rampage on Friday, infecting at least 75,000 computers in at least 99 countries. The malware adopted to a multi-lingual platform has caused complete data paralysis at banks, hospitals and telecommunications service providers, most notably in the UK, Spain, and Germany.
The virus demands a ransom of $300 to $600 in bitcoin by May 15 to unlock access to data held hostage. The malware is widely believed to have been developed based on the National Security Agency’s zero-day exploit which was leaked last month by the Shadow Brokers hacker group.