By now, we are sure that you have heard something about wannacry ransomware. There may be a lot of questions in your mind such as What is wannacry ? How it works ? Who created it? also your system is secure or not? In this article we will cover most of the important points you should know about wannacry ransomware. As a result of this article you can secure yourself from this type of attacks as well as from other similar attacks in the future.
In our previous article , we gave you a brief description on ransomware attacks. i.e.,What is Ransomware? How it performs encryption activities in user system?.
If you are working on unsupported windows system, you are advised to upgrade your system or install the latest windows security patch .
What is Wannacry and how it works? Why wannacry is more dangerous than others?
What is wannacry?
It has been reported that a new ransomware named as “Wannacry” is spreading widely. It became the largest ransomware attack in history within few days.
How it works?
Wannacry is same as other ransomware attacks listed in our previous article.Once your system gets infected with wannacry ransomware, it starts encrypting files and blocks your access to system. It then asks to pay some money to unlock the system.
Why it is more dangerous?
What makes wannacry more dangerous in comparison to other ransomwares is the ability of self spreading by exploiting vulnerable Windows Systems. It can spread itself even without clicking on any file.
Attackers creating wannacry ransom uses exploits leaked from NSA. NSA was using this windows exploit to monitor user system. Later wikileaks leaked tools and exploits used by NSA in its Vault7 project. Click to know more about Vault7 project.
Who is behind this cyber attack? Is wannacry attack is over?
Attackers behind this attack are still not known. Mostly these large scale attacks are propagated by nations to ruin industries of other nations.
“The recent attack is at an unprecedented level and will require a complex international investigation to identify the culprits,” said Europol, Europe’s police agency.
The answer to this attack is over or not :-
No, This is just the beginning of these kind of attacks. The vulnerability used by first wannacry ransom was fixed by Microsoft. But researchers found a newer version of ransom. Reportedly, this new ransom is not from the hackers behind first ransom instead by someone else.
This ransom is even worse and can not be stopped by kill switch( Patched by Microsoft).
There may be more attacks of such kind in future. Some from script kiddies while some from group of proficient hackers.
How to protect from wannacry ransomware cyber attack?
Now after reading the whole article, there is an obvious question about how to protect the system from waanacry ransomware cyber attack. Follow below steps to protect yourself from ransom:
- Install security updates: If you are using windows below window 10 version, make sure to install security updates in your system.
- Patch windows SMB vulnerability : As we all know that Wannacry uses SMB vulnerability( Microsoft patched it). Follow the link to install SMB patch from microsofts.
If you are using the unsupported version of windows, use the following link to patch the SMB vulnerability.
- To prevent wannacry ransomware cyber attack, it is advisable to disable SMB( Service message block).
Follow the below steps to disable SMB:
1. Open Control panel
2. Click on programs
3. Open “Turn Windows features turn on or off”
4. Now uncheck “SMB 1.0/CIFS File Sharing Support”
5. Click on ok and restart your computer
- Enable windows firewall: Configure the firewall to block access to SMB ports over the internet.
- Use reputated antivirus: The best solution to prevent yourself is to use an antivirus. Remember to keep your antivirus up to date for prevention.
- Do not open suspicious emails, websites and applications.
- Always backup your important data.
- Follow our site to keep your knowledge up to date.
Note: In case you are infected with such attacks, never pay to attackers. By paying, you are motivating them to continue such activities.
Have something to ask???? Please ask in comments or contact us.
Follow us on Facebook, Google Plus and Twitter.