Today: Jul 05 , 2020

WannaCry Ransomware

30 May 2017   Kristina Abbey | CompuTime

Computer Virus Continues Infecting Computers Worldwide at Unprecedented Level

On Friday, May 12, 2017 a new strain of ransomware called WannaCry began infecting computers around the world. This particular strain of software began in Europe but quickly spread around the globe infecting tens of thousands of computers in over 100 countries. This strain of virus attacked hospitals, major companies, and government offices to start and is still spreading. A major worldwide event, Europol said that this attack was of an “unprecedented level and required international investigation.”

A couple weeks have gone by and it seems that the news stories that swirled the internet, newspapers, and newscasts have dropped out of sight. It is important to remember that even though the media focus has waned, the threat is still very active and very real. To help you better understand WannaCry ransomware, we are going to go over a little information about what it is, how it works, what to do if you are infected, and measures you can take to protect your computer and data.

What is WannaCry?

WannaCry, short for Wana Decryptor, is a ransomware software that works to encrypt all the files on a computer then demands the victim pay a ransom to free the files. This ransomware uses a hacking tool called EternalBlue that allows the program to hijack unpatched older Windows machines. Once Wana Decryptor has infected one machine, it’ll attempt to spread to other machines on the same local network.

How Does WannaCry Work?

WannaCry is a malicious program that is designed to spread quickly. Using leaked NSA software called EternalBlue, WannaCry has been able to hack hundreds of thousands of computers around the world and it isn’t done yet! Similar to other ransomware software, WannaCry infects your computer by locking down all files and asks the computer’s administrator to pay a ransom in order to regain control.

What’s worse, is how easy it is to spread this ransomware from an infected computer to other computers. For example, if you take your laptop (that is infected) to a coffee shop, it can spread to other PC’s at the coffee shop that are on the network. From there those computers go to businesses and homes and the infection is spread further.

What to Do if You Get a Ransomware Virus

First off, when you get an encryption software, once your computer is locked down, the program will state you will need to pay a fee in order to get your files back. WannaCry, for example, will start with a ransom of $300 to $600 in Bitcoin and every six hours the ransom is not paid, the amount increases. Other ransomware infections work similar to that of WannaCry and the experts are saying, no matter what, don’t pay the ransom, especially not WannaCry. Paying the ransom requested to unlock your files only encourages the scammers to continue. Plus, there’s no guarantee you are going to get your files back in any version of the ransomware viruses. In the case of WannaCry, there is no way to tie a payment to the person making it, so the individual paying the ransom won’t necessarily get a key to decrypt their computer files.

It is important to remember, don’t pay the ransom. However, it is also important to note, if you get an encryption virus, shut your computer down immediately. Whether pressing the power button until it shuts down or pulling the plug, you want to shut your computer off before the virus has time to spread. If your computer is a part of a network, you want to ensure that this computer is disconnected from the network (disabling the wireless) to prevent the ransomware from spreading. If a ransomware attack is suspected, turn off your computer and notify an IT professional right away.

Protecting your Computer and your Data

No one wants to get a virus on their computer. There are steps you as a user can take to help protect your device and your data.

Run Patch and Security Updates

You know those annoying updates that your computer wants you to run? Do them! Running security updates will allow your computer’s antivirus to update and keep up to date with newer malicious software threats. This is an important and easy step anyone can take to protect their computer. WannaCry took advantage of a patch vulnerability to infect computers.

Retire Your Old Devices

Computers with outdated operating systems like Windows Server 2003, Windows XP, Windows Vista, and Windows 8 are no longer supported and have become prime targets for malicious software. If you are using a device with these operating systems, it’s time to say goodbye to them and invest in a computer with a recent operating system.

Restart Your Computer at Least Once a Week

Completing a restart once a week can help your computer run efficiently. The restart process will clear the cache, allow any updates that need a restart to be completed, and allows for a clean boot. Doing the restart will help with your computer’s operation efficiency.

Have an Antivirus Software!

This one may seem obvious but some users still don’t understand the importance of having an antivirus program running (and updated) on a computer. Having an antivirus software can be a line of defense against malicious attack.

Save, Save Often, Save in Many Places

Sometimes getting a virus infection happens and if you get a ransomware virus, recovering your data becomes difficult if not impossible. Data like pictures and documents that are important to you should always be backed up. Whether you use cloud backup, save to a flash drive, or an external drive, be consistent on your backups to prevent data loss.

As always, you as the user are a major line of defense against infection. Following the steps above are important but it is also necessary for you to be aware of what you do as a user that can put your computer at risk. Take care on what types of links you click, avoiding banner ads and suggested posts on websites are a great start. Skip opening email attachments from untrustworthy sources or from unknown emails. And that pop-up that locks your computer telling you your computer is infected and to call a number. Don’t Do It!!! That is a scam that can seriously damage your computer.

We’re Here for You

CompuTime, a locally owned business, has been here to service you and your technology needs for over 20 years! Our technicians are fully prepared to help you. Having concerns about a virus, a scam popup, or ransomware infection? We can help with a virus removal. Perhaps you simply need to have us help you with ways to back up your data. We can help you with our automatic back up setup. Whatever your needs, CompuTime can help you take steps to keep your computer running and your data safe.