If you have been away from the news recently, you might have missed what has been described as the biggest cyberattack in 2017 so far. The fittingly named WannaCry virus has affected over 300 000 devices and if you are a Windows user, you should definitely keep reading.
What is WannaCry?
WannaCry (also known as WannaCrypt or WanaCrypt0r 2.0) falls under the category of the so-called ransomware attacks – an infection, which encrypts all data until a ransom is paid. In this case, the ransom required by the perpetrators is $300 in bitcoins in the first three days and then $600 in the next seven. If the ransom is still not paid, all data on the infected device is deleted. It affects exclusively the Microsoft Windows operating system as it is believed to have started through a vulnerability in the network defenses or through a phishing attack. It can infiltrate your computer through a Trojan horse virus if you click on a malicious script or download it on your computer. It scans your discs and identifies the files you use the most and encrypts them so you cannot access them in any way.
Who can be affected?
WannaCry ransomware exploits vulnerabilities on Windows devices, which either use older versions of the operating system or an outdated newer version. The particular vulnerability used by WannCry was found in March and a patch for it was applied to all following Windows updates. All Windows devices which have not been updated since before the patch was released are under a potential threat. For detailed information about the severity of threats on different Windows versions, visit the Microsoft Security bulletin.
How to prevent getting hacked?
First and foremost – update your Windows system to at least Windows 8 (or Windows Server 2008) and apply the latest update of the release. We strongly recommend that you consider switching to Windows 10 for your computer if you haven’t already done that. Make sure that your automatic updates are turned on whether you are on Windows 10 or older. Some prominent security analysts also recommend that you close TCP port 445 if your system is still not updated.
Also, you should always be extra cautious when you download files, especially if it is an installation file for a program or application. Only open files from trusted sources and run a virus scan whenever you can.
What to do if your computer has been infected?
One of the most popular questions is whether or not you should pay the wanted ransom if your computer has been infected by WannaCry. UK Nation Security Cyber Center advises people to not give in to the extortion, especially provided that even if after paying the amount your files do get decrypted (for which there are absolutely no guarantees), that would not remove the malware, so you might be requested to pay again. There are several guides online on how to remove the ransomware through paid anti-virus software, which you might want to try out. However, there hasn’t been a proven solution to the issue once your computer is infected.
What if I am a client of WebHostFace?
If you are a customer of ours, you will not be affected by the cyberattack. All of our servers use highly secure Linux-based technology. However, if you use a Windows device at home, we strongly recommend that you run a scan and update your system as soon as possible.