Ransomware is attacking all over the world. According to the latest news, this attack has been reached to more than 90 countries and more and more people are being affected by the same. With the expansion of this attack, many organizations and institutions are issuing their advisory notes and point to be kept in mind to be aware of this attack. As a part of the precautionary measure and as our social responsibility towards our beloved readers, we are giving you a complete detail of this attack and what you should do to be safe and unaffected by this attack.
What is Ransomware?
Ransomware is malicious software that encrypts the contents of the Computer System and device and demands a ransom (money/bitcoin) to unlock it.
What is WannaCry/WannaCrypt Ransomware?
A dangerous ransomware named ‘WannaCry’/‘WannaCrypt’ encrypts the files on infected Windows System.
All versions of windows before Windows 10 are vulnerable to this attack if not patched for MS-17-010. Firstly system is affected and then it encrypts the files on that system. After that, it shows a pop up with instructions on how to pay the $300 in bitcoins to decrypt and get back the original files.
How is it spreading?
It is spreading through malicious e-mail attachment. The ransomware spreads by clicking on links and downloading malicious files over internet and email. It is also capable of automatically spreading itself in a network by means of a vulnerability in Windows SMB. Initial ransom was of $300 but the group is increasing the demands up to $600 in bitcoin.
What should you do?
Ensure all Computers, Workstations, and Servers have the latest Microsoft patches, especially the ones related to MS17-010.
Ensure AV (Anti-Virus) signatures are updated on all assets.
Block ports 139, 445 and 3389 in the firewall.
Apply Patch for vulnerabilities used by this ransomware from Microsoft and apply security updates from Microsoft, especially for MS17-010.
Ensure that security solutions are switched on all nodes of the network.
Take a regular backup of your important data and store offline.
Perform Full System Scan using installed security software.
What should you not do?
Don’t open file namely Mssecvc.exe and Taskche.exe.
Don’t use crack Operating System and software on your computer.
Don’t open/click any pop-up on your web browser.
Don’t enable the auto-download option of your browser.
Don’t open attachments in unsolicited e-mails even if they come from the people in your contact list and never click on URL content in an unsolicited e-mail.
Don’t pay the ransom. Keep your security software up-to-date with latest updates.
Don’t open any spam or unwanted e-mail.
What should you do if your system is infected by WannaCry/WannaCrypt Ransomware?
Immediately isolate the system from the network.
Preserve the data even it is encrypted.
Report incident to concern law enforcement agencies.
So, this was all about this dangerous attack and we hope that these measures will keep you safe from this attack. We will keep you updated with this attack and we will do all possible efforts to make our readers’ system and devices safe and secure. Till then stay tuned with KNine Vox for further updates.