How to protect yourself from WannaCry Ransomware

Yesterday, a massive ransomware campaign hit computer systems of hundreds of private companies and public organizations across the globe. It is believed to be the biggest ransomware attack that the cyber community have ever seen. It has already infected over 75,000 PCs in 99 countries including United States, Russia, Germany, Turkey, Italy, Philippines and Vietnam, India in less than 24 hours.

The ransomware, called “WannaCry,” is spread by taking advantage of a Windows vulnerability that Microsoft released a security patch for in March. But computers and networks that haven’t updated their systems are at risk.

According to a report, the ransomware attack has shut down work at 16 hospitals across the UK after doctors got blocked from accessing patient files. Another report says, 85% of computers at the Spanish telecom firm, Telefonica, has get infected with this malware.

Once infected with the WannaCry ransomware, victims are asked to pay up to $300 in order to remove the infection from their PCs; otherwise, their PCs render unusable, and their files remain locked.

“Affected machines have six hours to pay up and every few hours the ransom goes up,” said Kurt Baumgartner, the principal security researcher at security firm Kaspersky Lab. “Most folks that have paid up appear to have paid the initial $300 in the first few hours.”

Got scared already? Don’t want to be a victim of WannaCry Ransomware?

First of all, if you haven’t patched your Windows machines and servers against EternalBlue exploit (MS17-010), do it right now. Following the installation, make sure to reboot the system.

In general, patching your system and installing regular Microsoft updates should secure an average PC user from unwanted vulnerabilities.

Just as with many other ransomware, it can penetrate the system not only through a Windows vulnerability, but also through the “spray-‘n’-pray” phishing attack, which involves spamming users with emails that carry a malicious attachment. The attackers can also lure a victim to click on a URL where malware will be ready to crawl into your machine.

It is highly advised, in order to protect yourself from being held hostage to data thieves, to create secure backups of important data on a regular basis. Simply backing up is not enough though, as physically disconnecting the storage device is required to avoid it being infected with ransomware as well. Cloud storage is another option to use, but it makes your data vulnerable to all other kinds of attacks.

Install an anti virus if you don’t have it already. Also make sure that you run an active anti-virus security suite of tools on your system, and most importantly, always browse the Internet safely.