Wannacry Ransomware – are you protected?
WannaCry Ransomware, a worldwide cyber attack that began in May 2017.
WannaCry is a form of ransomware targeting computers running the Microsoft Windows operating system. It encrypts data, demanding ransom payments in Bitcoin cryptocurrency.
Within a day was reported to have infected more than 230,000 computers in over 150 countries. Notably, the United Kingdom’s National Health Service was infected causing it to run some services on an emergency-only basis.
Wannacry spread by exploiting a vulnerability in the Windows SMB protocol. This vulnerability was only discovered on March 14, 2017 leaving consumers and businesses little time to address. Those running older versions of Windows, like XP and Server 2003 were particularly vulnerable as Microsoft no longer issues patches for those operating systems.
This type of vulnerability exploit allows malware to spread from computer to computer by simply being on the same network. Networks can include work, home, internet cafe, or hotels. Victims do not need to visit a web site, or open an email attachment, they just need to be in the wrong place at the wrong time.
Once infected, the payload finds and encrypts data files, then displays a ransom note demanding payment of $300 within 3 days or $600 within 7 days. As is traditional with ransomware, payment was only to be made in Bitcoin. Bitcoin transaction records show that this attacker collected $130,634.77 from 327 victims by June.
GET INSTANT ACCESS
Download the RescueVault Demo!
No Credit Card Needed!
Simple, hands off, daily backup.
The spead of this attack was interrupted by a kill switch that was discoverd enabled by researcher Marcus Hutchkins by registering a domain name that was hard coded into the malware.
Originally, WannaCry was blamed on China due to the fluency of the ransom note in that language. Other language versions appear to have been machine translated. Researchers from the Cyber Security firms FireEye and Symantec have since attributed this particular flavor of ransomware to the North Korean hacking group “Lazarus”.
The best defense against ransomware is to have a copy of your data off-site, not on a hard drive that is connected to the computer that is infected. Backup your data now with RescueVault. Try now for 14 days free.
