Window OS Patch for WannaCry Ramsomware: The WannaCry needs to be a wake up call for all. What many security experts including myself predicted for this year is an increase in ransom-ware infections and particularly on soft targets with low security budgets like small businesses, hospitals etc. It looks like a day of reckoning is here for many businesses with the spread of the WannaCry (aka WCry aka Wanna Decryptor aka WannaCryptor) and you may want to cry if you get this ransom-ware on your systems which encrypts the personal files and holds an ransom unless an amount is paid in Bitcoin. Good news is that Microsoft aware of that and releases Window OS Patch for WannaCry.
1What is the WannaCry Virus?
Accordingly Wikipedia “WannaCry (or WannaCrypt, WanaCrypt0r 2.0, Wanna Decryptor) is a ransom-ware program targeting Microsoft Windows. On Friday, 12 May 2017, a large cyber-attack using it was launched, infecting over 230,000 computers in 150 countries, demanding ransom payments in bitcoin in 28 languages.”
Most of the infection are coming from Russia, Ukraine, India and Taiwan. You can watch it spread if you go to this URL here.
WannaCry is not a virus, its a worm and moves from victim machine to victim machine as long as those machines are vulnerable.
2Who is at Risk?
Those who has running Window Operating Systems that are mentioned in the patch announcement by Microsoft here and did not install this patch. Microsoft released this patch in March, 2017. However many organizations and companies haven’t yet installed the patch to their Systems. They have the biggest risk. You need to install the official Window Patch MS17-010 which closes SMB vulnerability use by this worm. How the NSA is at Least Partially Responsible for WannaCry, you can find here.
If you are running Window 10 already, you are more secure compare to other as Window 10 has already vulnerability proof. Also if you time to time update latest patch for your Window OS, you are less likely chance to get infected.
3How to stay protected?
If you are not infected yet, you need to make sure that all of your files are backed up on external drive and should not connect to the internet. So if by change you got infected you can get your personal files and data again from your external hard drive or Cloud storage. Also you want to make sure you installed MS17-010 patch on your system. How Registering One Web Address has Slowed the Spread of WannaCry?
This ransom-ware less likely infected using the Phishing or some other mechanism where user clicks the link of opening the attachment sent via email. So open those emails or attachments where you are 100% sure about the sender.
4What does this Worm do?
The WannaCry encrypt your files and data on your systems. When you try to open the file or data, it shows a countdown timer and holds a ransom about the $300 payment in Bitcoin in three days and victim will be completely loose their files after seven days.