RansomWare – WannaCry

Posted at September 26, 2018 at 6:43 pm by Stacey Talieres

To follow up with our latest article, besides CBT Locker Ransomware affecting WordPress websites, this past month many internet users experienced another well known ransomware program called WannaCry. This malicious program would encrypt files by adding .WCRY to the end of the files. Those affected were threatened to pay a ransom of $300 in bitcoins. If those infected did not comply the amount would double eventually leading up to the deletion of the infected files.

As of May 12th, Europe experienced the worst of WannaCry. The United Kingdom was a huge target suffering major losses in their healthcare industry. Many doctors and healthcare providers were unable to access important files which delayed several operations and procedures scheduled for that day. Many other countries were directly impacted by this same issue and in the United States, FedEx was a victim.

How it Happened

WannaCry began as a worm that was spread amongst users. A worm is a malicious program that spreads itself to other files, unlike a virus that needs a user to continue propagating and infecting others. This program was created by the NSA to find a weakness in Windows. However, Windows just released an update to help patch up this weakness, but said they will not rollout any updates for Windows XP, 8, and 2003. This exploit was accidentally released due to cyber-activist gaining access to the program known as ExternalBlue. There goal by releasing this exploit was to protest the current US administration.

Crisis Averted

By registering a domain as a decoy it would attract the WannaCry ransomware and effectively stop it dead in its tracks. Marcus Hutchins, the man who created this domain, knows that hackers will attempt a DDOS attack against his site. This site acts as a cease and desist, and knowing that hackers would try to bring down this site, he had designed the website to sustain heavy loads from incoming botnets.

How to Avoid Ransomware

There are several techniques you can deploy to make sure that ransomware does not affect you.

 

  • Backups

 

One of the most important things you can do is make sure that you take backups as regularly as possible. Any files that you value should always have multiple copies just in case these scenarios do occur.

 

  • Windows Update

 

Always make sure that you update your Windows OS regularly. Usually Microsoft will send security patches and make it available to it’s users. Take the time to actually install these patches or have Windows set to automatically download these backups and install them the next time you shutdown or reboot.

 

  • Email attachments

 

Make sure to never click on email attachments or links coming from unknown email addresses. Usually these attachments or links will have worms or viruses that will infect your computer and then spread  it to other users as well. This was how WannaCry had been spread, had more users been aware of these tactics, then it is possible that the effects could have been mitigated.

These are just some of the techniques you can utilize to avoid any form of malware. Hackers and cyber-criminals take advantage of the fact that many users are not aware of what lurks around the corner. This lack of knowledge has proven to be costly and has affected many businesses worldwide. Hopefully, incidents like WannaCry can educate users across the globe since the Internet has made us more connected than ever before.

 

You can leave a response, or trackback from your own site.

Leave a Reply