Friday's ransomware outbreak is ongoing, and while researchers work to stem the tide of infection, businesses, governments, and individuals can help the cause by making sure they have protected themselves.
WIRED’s biggest stories delivered to your inbox. Experts cautioned that the best protection was to download a patch Microsoft had issued in March. The only problem? Experts rightly said.
ransomware attacks
How to Check if MS17-010 is installed (Wannacry Ransomware patch). This article describes various options for checking if Microsoft Windows Update patches which patch the MS17-010 vulnerability are present on a Windows device. Download the Report file & Parameters file.
If your country or region isn't listed here, Microsoft recommends that you contact your country or region's federal police or communications authority. For an illustrated overview about ransomware and what you can do to help protect yourself, see The 5Ws and 1H of ransomware.
The attack is due to a kind of ransomware called Wanna Decryptor, also known as WannaCrypt, WanaCrypt0r, and WannaCry. The malware not only infects targets through traditional means -- such as phishing campaigns, malicious emails, and dodgy attachments -- but once a system has been infected, the malicious code scans for additional targets through networks and jumps to fresh victims.
When a system has been infected with WannaCrypt, the malware encrypts everything it can -- including the PC's hard drive and any connected devices, such as USB sticks and external storage devices.
The ransomware then locks users out of the system, throws up a landing page, and demands a $300 ransom payment in the virtual currency Bitcoin in return for files to be unlocked. This amount then doubles within a few days if payment is not forthcoming. Users are also threatened with the mass deletion of files within a week if they resist paying.
Read also: Remove ransomware infections from your PC using these free tools
If you've already been unfortunate enough to become infected with the ransomware, do not give in and pay up. The threat actors behind WannaCrypt have already made roughly $43,000 from the campaign, but there is no guarantee that you will gain your files back if you do.
Instead, unless -- or until -- a decryption key is released by security experts, the best option is to hold tight or restore your system from a backup. Alternatively, businesses can reach out to security professionals to see if infections can be eradicated without damaging their systems.
In order to be protected against this threat, it is necessary to understand that the attack only impacts those running on older Windows operating systems.
A security fix was released in March. It resolved the problem for Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows 8.1, Windows Server 2012, Windows 10, Windows Server 2012 R2, and Windows Server 2016, which are still supported.
If you are running these versions and have not downloaded Microsoft Security Bulletin MS17-010, you should do so now manually, or allow Windows Update to do the work for you.
If Windows Update has been enabled, then automatic updates will be applied. If not, you should re-enable the system and do not disable it again so you receive security fixes as soon as they are available for future threats.
Users of Windows 10 are not affected by the ransomware.
In response to the threat, Microsoft has also released an emergency patch for legacy Windows operating systems, which (as out of cycle products) are no longer supported -- unless special support contracts are in place.
Simple attacks plus user willingness to pay ransoms to get their files back means ransomware is on the rise, warn Kaspersky researchers.
Security updates can be download and deployed manually for Windows Server 2003 SP2 x64, Windows Server 2003 SP2 x86, Windows XP SP2 x64, Windows XP SP3 x86, Windows XP Embedded SP3 x86, Windows 8 x86, and Windows 8 x64 directly from Microsoft.
Grab the necessary security updates here.
Microsoft has also added a signature to the Windows Defender antivirus to detect the ransomware.
If it is not possible to patch, as noted by security expert Troy Hunt, you should disable Windows' Server Messenger Block (SMBv1) to prevent WannaCrypt exploit.
Failing this, another alternative is to lock-down machines and prevent them accessing the internet, or at least make sure network settings are as restricted as possible.
What the malware cannot reach, it cannot infect.
This should be a wake-up call for anyone and any business that still relies on antiquated operating systems that haven't been sold in decades. Threats that can cripped a business or destroy irreplaceable, personal content are real -- and security updates, however annoying, are important.
We are yet to see the full extent of how much damage WannaCrypt has caused, and new variants have already been spotted, so if there's any time to update systems and get them to modern OS standards, which are given regular security updates, it is now.
Read also:New WannaCrypt ransomware variant discovered in the wild | Ransomware attack: Hospitals still struggling in aftermath of WannaCrypt's rampage | Ransomware attack: The second wave is coming, so get ready now | WannaCrypt ransomware: Microsoft issues emergency patch for Windows XP | Ransomware: An executive guide to one of the biggest menaces on the web | Why patching Windows XP forever won't stop the next WannaCrypt (TechRepublic)
NEXT PREV
Related Topics:
Security Cloud Big Data Analytics Innovation Tech and Work Collaboration
MICROSOFT was forced to act quickly after more than 200,000 computers around the world were subject to a massive cyber attack.
It came amid concerns networks were left vulnerable because they were still using outdated Windows XP software.
What is Microsoft's MS17-010 Windows patch?
Microsoft released a critical security patch update for Windows XP, Server 2003 and Windows 8 after systems were infected by ransomware, known as WannaCry, on May 12.
WannaCrypt - an earlier version of the malware - used previously leaked tools by the US's National Security Agency to exploit vulnerabilities in the Windows platform.
Microsoft patched the vulnerability using MS17-010 in March - but only for current platforms.
Therefore those running older systems, such as Windows XP, Windows 8 and Server 2003 weren't provided with a fix.
After the international attack, Microsoft changed its stance on 'end-of-life' patching and provided a mass fix, according to CSO Online.
The WannaCry ransomware affected more than 200,000 victims, including a fifth of the NHS trusts as well as other major global businesses.
How can you protect your PC from Wannacry ransomware?
Microsoft has urged anyone who hasn't already updated their system with the security update to do so immediately.
Individuals should also install any other software updates and switch on auto-updaters where possible.
Microsoft also recommends running its free anti-virus software for Windows.
Marcus Hutchins, 22, from Devon, has been hailed an “accidental hero” after he managed to stop the virus in its tracks by triggering a “kill switch”.
But there are other steps you should be taking to ensure you keep your information protected. These include:
Ransomware Free Download
Ensuring you regularly back up your files by regularly saving copies in a completely separate system, such as an external hard drive.
Never click on links you don't recognise or download files from people you don't know or trust.
Install an anti-virus software and check for regular security updates.
INCOMING!
Horror simulation shows 1,200-foot 'God of Chaos' asteroid hitting Earth
Revealed
BAD APPLE
iPhone owners warned NOT to install latest update as it 'could get you hacked'
Pictured
DEAD STRANGE
Mystery of 'skeleton lake' where hundreds of people died over 1,000 years
Revealed
Game Patch Download
TEXT BEST THING
Genius WhatsApp trick changes your font – and your pals will be confused
INSTASCAM
Instagram 'making your posts public TODAY' is a hoax – but even celebs are fooled
ROCKING THE BOAT
Loch Ness monster may be REAL as scientist reveals new 'plausible theory'