On May 12, 2017, a malware strain called ‘WannaCry’ struck more than 150 countries affecting over 200,000 computers. Currently, the bug is affecting multiple Windows operating systems without patch MS17-010, which was released in March, 2017. The way this exploit works is the ransomware gets sent to users through a normal route such as email or messenger app and contains a malicious link or file. Once that link or file is clicked on, the malware will activate and will hold the user’s computer hostage by encrypting all files until a ransom is paid.
Once the ransom is paid, the user receives a decryption key which will unlock the files. If the user does not comply within 3 days, the price will double and if the user does not comply within 7 days, the attackers threaten to permanently delete all files. The WannaCry malware is especially dangerous because once a user becomes infected, the ransomware scans through the internal network looking for other vulnerable Windows computers on the network.
This unprecedented cyberattack has gained the criminals responsible about $55,000 so far and is expected to double within the week. Thousands have been affected by this including 16 hospitals in the U.K. who were forced to divert patients to different hospitals because of the attack. Businesses and organizations who do not routinely keep their Window systems up-to-date are at risk. Below are some guidelines put out by Microsoft to help stay safe from the WannaCry ransomware attack.
How to Keep Your Computer Safe from ‘WannaCry’
- Make sure patch MS17-010 is installed.
- Do not click on any harmful links in your emails.
- Be wary of visiting unsafe websites.
- Do not click on a link that you do not trust on any webpage or social media platform.
- Check with friends and co-workers before clicking a link that they have sent you to make sure that it was actually them.
- Backup all files and documents on a daily basis.
- Make sure that your anti-virus software is working and is up-to-date.
If a computer in your business or organization becomes infected, it is extremely important to take that computer off the network immediately. Failure to do this will result in the infection of other vulnerably systems in your network. If you have any questions about the WannaCry ransomware, please reach out to our certified Information Security team below.
The National Security Agency (NSA) has announced that they have joined GitHub as part of their Technology Transfer Program (TTP).read more
Security researchers at Checkpoint have discovered a new malware called “Fireball”. Learn about this new threat and how to tell if you have been affected.read more
On May 31, the FFIEC released an update to its Cybersecurity Assessment Tool (CAT).read more