Today, the world is continuosly battling against the WannaCry ransomware. It also somewhere known as WannaCrypt but there isn’t any major difference between the two.
On 12 may, the attack, started to lock people’s computers and encrypt their files, demanding to pay up to $300 in the form of bitcoin, a price that doubles after three days, to get a decryption key or risk losing their important files forever. It behaves like a worm though it is a malware, infects potentially computers and servers on the same network.
Last week, its effect was slowed by a security analyst after discovering a kill switch in its code, since it has been updated without the kill switch, providing it to grow further. WannaCry has till now affected 200,000 computers from more than 150 countries and, shutting down, universities, hospitals, warehouses and banks.
Though it might seem to be an issue for only business organizations, governments and educational institutions, individuals are also at risk, as WannaCry targets a Windows operating system flaw in older versions of the OS that do not have been patch updated.
Herein comes largely from How to defend yourself against the WannaCrypt global ransomware attack:
These OSs are affected
The attack exploits a vulnerability in older Windows operating systems, which are:
- Windows XP
- Windows Server 2003
- Windows 8
If you're using a more recent version of Windows with an up-to-date of your system updates, then probably you should not be vulnerable to the current version of the WannaCry ransomware:
- Windows 10
- Windows 8.1
- Windows 7
- Windows Server 2008
- Windows Server 2008 R2
- Windows Server 2012 R2
- Windows Vista
- Windows Server 2012
- Windows Server 2016
But its vice-versa is also applied, If you haven't been updated to those newer versions of Windows, you'll be just as vulnerable until and unless you do.
You don't have to worry about this particular threat, if you're using MacOS, ChromeOS or Linux, or any mobile operating systems like iOS and Android.
Update Windows as soon as possible
If you're using one of the newer versions of Windows listed above i.e. 10, 8.1, 7, etc. and you've kept your PC up-to-date with automatic updates, it must have been rolled out back in March.
Microsoft rolled out rare patches on the older versions of Windows that it no longer officially supports to protect against this malware, to encounter WannaCry malware.
Turn Windows Update on if it's disabled
Even if you were in the middle of work, it’s not uncommon for people to disable Microsoft's automatic updates, especially because earlier iterations had a tendency to auto-install. Microsoft has largely fixed that issue with the current version of Windows 10 (the recent Creators Update). If you have disabled automatic updates, go back into Control Panel in settings, switch it back on and leave it on.
Install a dedicated ransomware blocker
Cybereason Ransomfree is a free utility that is designed to block threats like WannaCry.
If you're using an antivirus utility, don’t assume that it offers protection against ransomware, especially if it's an outdated version. Many of the big suites didn't add ransomware blocking until recently.
Not sure if you're protected? Dive into your utility's settings and see if there's any mention of ransomware. Or, do some web searching for the specific version of your product and see if it's listed among the features.
If it's not, or you're pretty sure you don't have any kind of safeguard beyond your patched version of Windows, install a dedicated anti-ransomware utility. Two free options: Cybereason Ransomfree and Malwarebytes Anti-Ransomware (currently in beta).
Keep watching for mutations
Just because there's a patch doesn't mean you'll always be protected. New variations of the ransomware have popped up without the Achilles heel and bearing the name Uiwix, according to researchers at Heimdal Security.
Cloud storage may help
You may be able to recover all your WannaCry-encrypted files by accessing earlier versions of them, if you're using a cloud-backup tool like Carbonite. Also cloud-storage service Dropbox keeps screenshots of all changes made to files in the past 30 days. This is a very good time to investigate and know whether you have an option other than paying the ransom, whether your online backup or storage provider does actually keep rollback versions of your files.
Can I get ransomware on my phone or tablet?
Ransomware in its current form most notably is a Windows-specific form of malware. It's designed to target the Windows operating system and the files contained therein, so it's not a threat to mobile OSes like Android and iOS. But, you should always practise the same steps when it comes to suspicious links in emails and on websites, never tap, if you are in doubt.
What if I'm already infected?
Possibly, there's no way appears to reverse the encryption for free. That's why many individuals and organizations often end up paying the ransom if their computers are already locked down. However, Bleeping Computer has a guide to removing the ransomeware. While CNET has not independently verified the efficacy of that process, it's important to note that the malware remains on afflicted PCs even after they've been unlocked.
In other words, even if you pay the ransom, you'll still have work to do.
Also Read: Cybersecurity All About WannaCry Ransomeware