As you probably know, the ransomware market is flourishing. We have seen many families over the last couple of years: Locky, CryptoWall, CryptoLocker and many more made their way to end-users' computers. But today is a historic moment: a new ransomware called WannaCry is spreading in the wild and becoming the fastest-growing ransomware in history!
What is WannaCry?
Just like any other ransomware, WannaCry is malware designed to encrypt files and block users from accessing them until a ransom is paid. It initially asks for $300 in the first 6 hours and increases the ransom to $600 afterwards. The latest reports say it has spread to more than 99 countries and infected over 114,000 devices, becoming the largest ransomware infection in history within just a few hours!
What makes WannaCry special?
If you are interested in security, you probably know about the NSA hacking tools recently leaked by The Shadow Brokers team. One of the tools exploits an unpatched SMB vulnerability (MS17-010). Microsoft released a security update last month to remediate the risk, but not all computers are up to date, and this is what makes WannaCry a real threat to even the largest organizations.
Once the malware infects a computer, it scans the entire internal network and infects other unpatched Windows computers using the same vulnerability.
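The scanning described above shows up in network flow data as one host contacting many internal peers on TCP 445 (the SMB port) in a short time. The following Python detection sketch is an added example, not part of the original post; the log format, the 60-second window and the threshold of 20 hosts are assumptions, and the sample records are constructed.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta
import ipaddress

SMB_PORT = 445                    # SMB over TCP
WINDOW = timedelta(seconds=60)    # assumed sliding window
THRESHOLD = 20                    # assumed: distinct internal peers per window

def parse(line):
    """Parse 'ISO-timestamp src dst dport' (constructed format, an assumption)."""
    ts, src, dst, dport = line.split()
    return datetime.fromisoformat(ts), src, dst, int(dport)

def smb_fanout_alerts(lines):
    """Return {src: first alert time} for hosts that reach THRESHOLD distinct
    internal destinations on TCP 445 within WINDOW."""
    recent = defaultdict(deque)   # src -> (ts, dst) records still inside the window
    alerts = {}
    for ts, src, dst, dport in sorted(parse(l) for l in lines if l.strip()):
        if dport != SMB_PORT or not ipaddress.ip_address(dst).is_private:
            continue
        q = recent[src]
        q.append((ts, dst))
        while ts - q[0][0] > WINDOW:          # drop records older than the window
            q.popleft()
        if src not in alerts and len({d for _, d in q}) >= THRESHOLD:
            alerts[src] = ts
    return alerts

def constructed_sample():
    """Constructed flow lines, not real telemetry."""
    t0 = datetime(2017, 5, 12, 10, 0, 0)
    def rec(sec, src, dst, port):
        return f"{(t0 + timedelta(seconds=sec)).isoformat()} {src} {dst} {port}"
    lines = []
    # Infected workstation: sweeps 10.0.0.1-40 on 445, one host per second.
    lines += [rec(i, "10.0.0.23", f"10.0.0.{i}", 445) for i in range(1, 41)]
    # Normal client: many sessions, but always to the same file server.
    lines += [rec(2 * i, "10.0.0.50", "10.0.0.5", 445) for i in range(30)]
    # Backup server: 30 distinct SMB peers, but ten minutes apart.
    lines += [rec(600 * i, "10.0.0.9", f"10.0.1.{i + 1}", 445) for i in range(30)]
    # Browser traffic: many destinations, but not SMB.
    lines += [rec(i, "10.0.0.77", f"10.0.2.{i + 1}", 443) for i in range(40)]
    return lines

if __name__ == "__main__":
    for src, when in smb_fanout_alerts(constructed_sample()).items():
        print(f"ALERT {src} reached {THRESHOLD} internal hosts on 445 at {when}")
```

Only the sweeping workstation is flagged; tune the window and threshold to your own baseline, since legitimate scanners and management servers can also fan out on 445.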
Easy steps to protect yourself
To protect yourself against this ransomware, I recommend completing the actions below:
- Disable the SMB protocol from the Control Panel or by typing the following command (because of /norestart, the change takes effect after the next reboot):
dism /online /norestart /disable-feature /featurename:SMB1Protocol
- Update your Windows OS. Microsoft has released an update even for unsupported versions like XP, Vista and 8; download the update from here: https://blogs.technet.microsoft.com/msrc/2017/05/12/customer-guidance-for-wannacrypt-attacks/
- Update your antivirus with the latest virus signature database.
- Back up your important data, either to an external hard drive or to a cloud solution; I'd recommend the first option.
- Beware of phishing attacks: DON'T click any suspicious link!