Spade Technology: Blog

What We Know About WannaCry Ransomware

WannaCry has brought huge public organizations to their knees. Find out now how to protect yourself from the debilitating ransomware.

I know something about WannaCry!

The name WannaCry is ominous enough to make it clear just how bad the latest cyber attack truly is. The cyber attack has been linked to debilitating attacks across the globe and targeting seemingly impenetrable systems. If you haven’t yet heard of WannaCry, you need to find out more now. Otherwise, you may find yourself the target of malicious ransomware and having to pay $300 or more to get your computer back up and running.

What’s WannaCry?

WannaCry is a type of ransomware, which first appeared on May 12, 2017. The malware found its way into thousands of computers worldwide due to a Microsoft vulnerability. Once the malware infects a computer, data is encrypted to prevent user access. The infection is obvious since a screen will pop up demanding money for the return of your data. A deadline is set with the ransom amounts increasing the closer you get to the deadline. If the ransom isn’t paid, the hackers delete your files and your data become unsalvageable.

Why the mass attack?

One of the main reasons for the success of the ransomware is due to the vulnerability on older Windows computers. Despite a March 2017 patch released by Microsoft to provide protection against the vulnerability, not all computers are protected. Microsoft only provides support for Windows Vista computers and later. Those companies who were running Windows XP or earlier wouldn’t have received the patch. Many large firms still run on the outdated operating system. Because of this, estimates from the White House homeland security advisor concluded more than 300,000 computers fell victim to the ransomware. The rate of infection was so startlingly that Microsoft decided to extend the patch update to users with older versions of their operating system.

Who got hit the hardest?

Across the United Kingdom, patient care was severely at risk when WannaCry infected the National Health Service network. There were as many as 40 hospitals and 24 trusts infected with the ransomware. Everything within these healthcare systems was affected from imaging programs to patient charts. Non-emergent patients had their appointments canceled and many physicians and nurses were unable to view patient information on their systems. Since 90 percent of hospitals in the UK run XP or older, the organization was an easy target. Other European businesses hit by the malware included Nissan and Renault. Asia was also hit hard by the attacks due to the large incidence of pirated Microsoft operating systems within the country. Utility companies in Asia reported outages and large Japanese manufacturers like Hitachi were also affected by WannaCry.

WannaCry Protection Tips

Cyber security firms have been proactive in dealing with WannaCry and the attack is largely mitigated. Microsoft has urged PC owners to turn on the auto-updating setting. The security update to protect against WannaCry can also be manually downloaded.

When the malware first gained traction, a security firm found a kill switch to stop the attack. However, hackers have updated the program to prevent the kill switch from working. Since the ransomware is so effective, it is believed over $70,000 in BitCoin has been paid to the hackers. Experts advise cleaning your computer and using backups if possible to restore data instead of paying the hackers.

Many WannaCry attacks originated from attachments on phishing emails. Always practice extreme caution when opening any attachments, especially from unverified senders. Also, enable your Windows computer to show file extensions since this helps you spot malicious software. Common extensions to be wary of include .exe, .scr, and .vbs. When in doubt, use caution to save you the headache of handing cash over to cyber criminals.