3 min read

How to Protect Against "WannaCry" Ransomware

Filip TRUȚĂ

May 15, 2017

Ad One product to protect all your devices, without slowing them down.
Free 90-day trial
How to Protect Against "WannaCry" Ransomware

A ransomware attack hitting more than 200,000 endpoints across 150 countries over the past weekend is expected to return with double the force on Monday, experts say. Here”s everything you need to know about the WannaCry ransomware and – more importantly – how to protect against it.

Rundown

  • Ransomware is a type of malware that encrypts user data and demands a ransom, usually in the form of electronic currency, to decrypt the files
  • WannaCry – also dubbed Wanna Decrypter 2.0, WCry, WanaCrypt and WanaCrypt0r – exploits a Windows Server Message Block (SMB) flaw that Microsoft patched almost two months ago (MS17-010 security bulletin)
  • The flaw was originally discovered by the US National Security Agency
  • The hackers stole this vulnerability from the NSA and released it in the wild for others to use and deploy their ransomware attacks
  • Microsoft issued two consecutive patches for the malware, one in March, and another one on Friday
  • As many as 200,000 computers got infected in 3 days after users failed to install the critical patches
  • The malware spreads across networks with the help of a bundled worm, making it the world”s most dangerous piece of ransomware written to date; it is also the first of its kind – i.e. it leverages a wormable exploit to spread automatically
  • The ransom is $300 worth of bitcoins for decrypting and restoring access to your files (ransomware attackers prefer the electronic currency as it is untraceable)
  • The malware threatens to delete your files within seven days if no payment is made
  • It hit several organizations across the globe, including FedEx, Telefónica, and the UK”s National Health Service (NHS)
  • So far few payments have been made to the hackers, but a BBC analysis has revealed that the authors have likely amassed around $38,000 in payments
  • A security researcher who wished to remain anonymous became an “accidental hero” after halting the spread of the malware by registering a domain name to track it
  • The researcher warned that Monday would most likely bring a new wave of attacks, this time priced higher than $300
  • Microsoft responded to news of the attack saying this should act as a wake-up call for governments storing important data on vulnerable systems, leaving the door open to hackers
  • The technology giant said the attack was like allowing someone to break into the US Military and “steal Tomahawks”
  • Europol chief Rob Wainwright said the attack had been reported in 150 countries, calling it “unprecedented in scale”
  • Wainwright has said the Europol is working with the FBI to find those responsible but that people should brace themselves for another potential attack on Monday

How to patch Windows XP, Windows 8 and Windows Server 2003

Following Friday”s attack, Microsoft issued the following statement.

We know some of our customers are running versions of Windows that no longer receive mainstream support. That means those customers will not have received the Security Update released in March. Given the potential impact to customers and their businesses, we made the decision to make the Security Update for platforms in custom support only, Windows XP, Windows 8, and Windows Server 2003, broadly available for download here.

How to patch Windows 10

Simply apply your latest system updates. Go to Settings -> Update & Security -> Windows Update -> Check for updates and install the latest updates for your Windows 10 machine.

Because WannaCry exploits a remote code execution (RCE) flaw, hackers can take control of machines without having the user click on a malicious file, as it is usually the case. This means the only way to prevent the attack is to have your system up to date, or to use an anti-malware solution.

Bitdefender customers are not affected by this new family of ransomware. Bitdefender customers (regular and business users alike) are pro-actively protected against WannaCry through machine learning and memory introspection. Learn more here.

tags


Author



Right now

Top posts

What is medical identity theft and how to protect against it

What is medical identity theft and how to protect against it

July 27, 2022

2 min read
Curious about Omegle? Here’s how the roulette-style chat platform can threaten your online privacy and security

Curious about Omegle? Here’s how the roulette-style chat platform can threaten your online privacy and security

July 07, 2022

5 min read
Identifying and Dealing with Online Bullying Is Not Impossible - School Presentation Inside

Identifying and Dealing with Online Bullying Is Not Impossible - School Presentation Inside

June 28, 2022

2 min read
Let’s Celebrate World Social Media Day by Improving Your Privacy and Security Online

Let’s Celebrate World Social Media Day by Improving Your Privacy and Security Online

June 28, 2022

3 min read
Bitdefender Reveals the Top Cyber Threats Faced by Consumers in 2021

Bitdefender Reveals the Top Cyber Threats Faced by Consumers in 2021

June 22, 2022

1 min read
Scam alert: Cybercrooks use shady investment domain to scam keen investors out of money and data

Scam alert: Cybercrooks use shady investment domain to scam keen investors out of money and data

May 24, 2022

3 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

Chinese criminals scam kids desperate to play games for more than three hours a week Chinese criminals scam kids desperate to play games for more than three hours a week
Graham CLULEY

August 12, 2022

2 min read
Sophisticated Smishing Attack on Twilio Leads to Employee Credential Leak and Data Breach Sophisticated Smishing Attack on Twilio Leads to Employee Credential Leak and Data Breach
Silviu STAHIE

August 09, 2022

1 min read
Attackers Hit German Chambers of Industry and Commerce; All Digital Services Down Attackers Hit German Chambers of Industry and Commerce; All Digital Services Down
Silviu STAHIE

August 05, 2022

1 min read