A new strain of Ransomware called WannaCrypt (appropriately dubbed WannaCry) is at large and creating a media storm. It is concerning many computer users worldwide, but here are some tips to assist with managing it.
Firstly, what is it?
WannaCrypt is a type of Ransomware. Ransomware encrypts computer files so that they are unreadable. The creator of the malware generally demands money in exchange for the key to unlock/decrypt the affected files.
The typical means of infection is by clicking on an attachment or URL in a malicious phishing email. Clicking the URL or attached file initiates the installation of the malware on your computer which proceeds to encrypt files you have access to.
WannaCrypyt is particularly aggressive in that it not only affects your computer and network files, but once installed, it also scans for other windows computers on the network and attempts to automatically infect those which have a known Windows vulnerability.
Will I get infected?
This is a loaded question due to organisations or individuals having different configurations and setup, however to employ maximum safety, the following steps are recommended:
User awareness: Never click on suspicious/unknown attachments or links in emails. Think before clicking on anything that you are not expecting to receive. In most cases, Ransomware has entered a network because of somebody clicking on a URL or attachment in an email or visited a compromised website.
Patching: Do not delay your windows update. If you are being prompted to install updates by Windows give yourself some time each week to run updates and allow them to install. Microsoft released a patch to address the vulnerability exploited by WannaCrypt in March 2017. Regular updates on your PC and servers would have ensured protection from this vulnerability.
AntiVirus: Ensure you are using AntiVirus software and it is up to date. Rock IT clients use Webroot (a green circle with a W in the system tray) which is updated regularly with definitions that identify and stop known viruses before they can start running on your computer.
Email filtering: Is a must these days. Most email providers such as Office 365 and Gmail provide their own basic mail filtering services. Advanced filtering technologies targeted specifically at Ransomware protectionare also available.
Web Filter: Although less common than email filters, web filters check whether the site you are visiting has a good or bad reputation and either warn or block before allowing access to the site.
Backups: Once infected with Ransomware, the only way to ensure a full recovery is to restore from backup (or pay the Ransom which is not recommended!). A robust backup plan is critical in your Ransomware defence.
Contact Rock IT for advice on how to secure your systems.