Ransomware Attack WannaCry: Everything About WannaCry
You've probably already heard a bit about the WannaCry ransomware, wondering what's going on and whether your computer is secure. The WannaCry attack is one of the biggest ransomware attacks in the cyber world. It is a computer virus created by the NSA. there are many types of computer viruses, WannaCry is one of them. In this article we discuss-
1. What is WannaCry Ransomware Attack?
2. How Does WannaCry Work?
3. How to Protect Yourself from WannaCry?
What is WannaCry Ransomware Attack?
WannaCry is a type of ransomware program targeting Microsoft's Windows operating system. Ransomware is a type of cyber attack where hackers can take control of your computer, and block you from using it or accessing your data until you pay the hackers. If you don't pay the hackers a ransom, they can wipe everything out. The hackers demanded a payment of $300 to $600 which was to be paid using bitcoins.
On 12- May-2017, a massive cyberattack was launched that affected computers in 150 countries, and less than a day, researchers saw 57,000 infections. The attack has paralyzed more than 200,000 computers and affected banks, hospitals, and government agencies.
How Does WannaCry Work?
WannaCry is in some ways very specific ransomware; Its initial attack vector, like most ransomware, is a phishing e-mail (disguised as a job offer, invoice, etc.) that tries to trick someone into clicking on it.
Once a computer is infected with ransomware, it typically contacts a central server to activate the information and then begins encrypting files on the infected computer with that information. Once all the files are encrypted, it sends a message asking for payment to decrypt the files/data and threatens to destroy the information if they do not receive payment.
How to Protect Yourself from WannaCry?
1. Back up all your data
Backing up your data is the most important action to prevent ransomware attacks on your system.
2. Keep your operating system up-to-date
This could easily have been prevented if users were a little more cautious and updated their devices.
3. Use proper security tools
Install good anti-virus software. We also suggest using a strong firewall and strengthening it by adding anti-ransomware tools.
4. Disable Windows Script Host and Windows PowerShell
We strongly recommend disabling Windows programs like Windows Script Host and Windows PowerShell for Windows users, preventing malware from infecting and spreading in the system.
5. Lock down your systems.
By ensuring that your users only have the necessary privileges to perform their duties, you limit the risk of this threat. If you have "all groups" with reading and write privileges in all your folders, you will be dealing with a bigger problem.
6. Back up all data that is important to you and keep the back-ups separated from the environment.
This way, you can restore the data. You should regularly test your backups and make sure they work. I also recommend backing up encryption keys separately; If you can't open the backup because criminals encrypted your keys, you're still down.
7. Train your staff.
They shouldn't click on everything they can get; In fact, they should question everything. Your first line of defense should be your staff; If you train them well, they will help you reduce the risk.
8. If you are hit, have professionals come in and assist.
The key is stored in RAM, sometimes in ransomware, other times it can be decrypted. A professional can at least help you respond appropriately and limit your risk.
9. NEVER pay the ransom; you are dealing with unscrupulous CRIMINALS.
I have heard stories of people paying the ransom and never getting the key. I've also heard of situations where users pay the ransom and get the keys. After a short time, everything gets encrypted again. This is a one size fits all approach, I agree that some companies have no other choice; they are at the place where they have to pay the ransom. Just remember that you're not dealing with people who think and act like you."
10. Avoid suspicious links and files.
11. DO NOT open a suspicious-looking email, especially if it is from an unknown sender.
12. Download files from the trusted sources only.
13. Keep optimizing your email spam folder.
14. In case of slightest of doubts, contact your company’s IT department.
15. Be cautious before clicking any site while surfing.
Join GraspHack Family!
We will never spam you.
Be a part of our ever growing community.