The Trouble with WannaCry ransomware

The emergence of the WannaCry ransomware late last week sent seismic shock waves across the world. It wasn’t just because it was ransomware it was the fact that it spread so rapidly across Europe, China and Russia. Within a short time banks in Russia, the National Health Service in the UK and universities in Hong Kong had been brought to their knees.

WannaCry was different than most malware in that it incorporated a worm component that allowed it to spread so quickly and so far. Ransomware typically limits itself to the computers it has affected, freezing up all the files and demanding the victim coughs up payment before sending a decryption key to release all the files it has encrypted.

How did WannaCry spread so rapidly?

WannaCry however not only infected computers it then burrowed into the network to find other computers connected to the same infrastructure and subsequently infected them too. Ransomware alone is dangerous, but WannaCry is doubly dangerous.
Most ransomware attacks begin with phishing emails, that is, mails that purport to be legitimate but actually carry infected links or try and direct users to websites loaded with malicious malware, that is, the ransomware. WannaCry appears to be different:
  • In some senses it is throwback to the early 2000’s when computer worms were common such as ILOVEYOU, Nimda and Code Red. These and other worms spread like wildfire replicating across the globe at alarming speed. WannaCry did the same.
  • It exploited a vulnerability that many organisations had not patched against. Patching operating systems should be a security first step but clearly many organisations struggle with this.
  • The NHS was hit hard because it was using the old-school Windows XP operating system. Microsoft stopped general support for Windows XP several years ago and although the NHS paid for extra support the government pulled the plug on this support contract to save money.

Is WannaCry now dead and buried?

There were concerns that WannaCry was due a fresh outbreak as the working week begun. But no doubt IT departments across the world were scrambling to patch their operating systems stemming the tide, but it is still out there and no doubt penetrating vulnerable systems.

Can we breathe again?

Not quite. Ransomware is always lurking.
  • In 2106 alone the FBI said ransomware accounted for $1billion in losses globally
  • From the cyber villains point of view ransomware is the near perfect tool to commit the near perfect crime. The fraudsters remain hidden, it’s difficult to physically locate them and it’s extremely difficult to follow the money.
  • The miscreants always demand ransom payments in Bitcoin for a specific reason. Bitcoin transactions are only ever recorded as addresses and not necessarily tied to anyone's identity, so it’s almost perfect for anonymous and often illegal usages like ransomware.

How do I protect myself from WannaCry and other ransomware?

If you don’t want to apply updates to your software or use antivirus you can always hope and pray. But if you’re serious about protecting yourself from both WannaCry and ransomware in general consider the following tips:
 
  • Some operating systems and software updates automatically. Some don’t. When updates become available, for instance, you will in all likelihood receive an alert, be sure to apply it as soon as possible.
  • If you’re using XP it would be good idea to replace it with a newer operating system, Windows 7 at least.
  • Be sure to use antivirus software. BullGuard antivirus provides layered protection and as such keeps out WannaCry, other ransom and all other types of malware.
  • Watch out for phishing emails. The fraudsters are endlessly inventive when it comes to crafting emails that look legitimate. It could be an email about an unpaid invoice, a parcel you need to collect or even a recipe. Their aim is to pique your curiosity and get you to open an attachment or click on a link to download the ransomware or other types of malware. If in doubt don’t hesitate to delete the email.
  • If you do get infected, don’t pay the ransom. It’s not unknown for the cyber fraudsters to take the money and run without sending the decryption keys.
  • Back up all your important files to an external source. In the event of a ransomware infection at least you will have copies of your files. BullGuard includes encrypted cloud backup to your Dropbox, Google Drive, or OneDrive.

Get a great deal

We don’t like to see anyone being infected with ransomware; it’s a costly and frustrating infection and deeply intrusive affecting your online life and leaving you feeling invaded.
This is why we’re currently running a special offer – a free 90 day trial for BullGuard Antivirus.
Why not give it a try?
BullGuard Antivirus is highly regarded, wins awards for the strength of its protection and regularly ranks highly in tests that assess the efficacy of antivirus.
There are no catches to this offer, no commitments required, it’s simply a free trial – and a great deal actually.
Go to this web page and simply download your trial.
 
Filed under: Internet Security

Written by Steve Bell

Steve has a background in IT and business journalism and in the past has written extensively for both the UK national and trade press including The Guardian, Independent-on-Sunday, The Times, The Register, MicroScope and Computer Weekly. He's also worked for most of the world's largest IT companies in a copy and content producing capacity. He has a particular focus on IT security and has been involved in writing about the industry at various levels ranging from magazine launches to producing newsletters. He also runs a small copy writing business called Art of Words. When not bashing away at a keyboard he can sometimes be found in a boxing gym making futile efforts to keep fit or marveling at the works of Sufi poets such as Jalaluddin Rumi and Hafiz of Shiraz.

More articles by Steve Bell

1 comments

  • james

    22 May 2017, 14:11

    good
  •  

Leave a Reply

 

 

 

Please enter the code

Please enter the captcha code!

Security code

Ranked #1 by industry experts

BullGuard Internet Security Cup

BullGuard
Internet Security

Free download
We use cookies to ensure that we give you the best experience on our website. By continuing to browse, we are assuming that you have no objection in accepting cookies. You can change your cookie settings at any time.