WannaCry Ransomware: What is it & How to Prevent?

The WannaCry malware is a scary type of Trojan virus called “ransomware.” As the name sound, the virus in effect holds the infected computer hostage and demands that the victim pay a ransom in order to regain access to the files on his or her computer.

WannaCry works by encrypting data on a computer that has been infected. It then asks the user that their files have been locked and displays information on how much is to be paid and when, all the payments are taken through Bitcoin.

WannaCry ransomware could arrive as an email attachment or as a download on your computer. For your system to become infected, you’ll have to click on or downloading the attachment or file, which causes the program to run and infect your computer with ransomware.

WannaCry prevention advice

  1. Disable smb v1, this prevents Wannacry from spreading within your network.
  2. Install the Microsoft patches, this also prevents Wannacry from spreading within your network. For more information click here

How to prevent attack?

  1. Alert, Take A Back-up : Have a recovery system in place so a ransomware infection can’t destroy your personal data forever. It’s best to create two back-up copies: one to be stored in the cloud (remember to use a service that makes an automatic backup of your files) and one to store physically (portable hard drive, thumb drive, extra laptop, etc.). Disconnect these from your computer when you are done. Your back up copies will also come in handy should you accidentally delete a critical file or experience a hard drive failure.
  2. Use robust antivirus software to protect your system from ransomware. Do not switch off the ‘heuristic functions’ as these help the solution to catch samples of ransomware that have not yet been formally detected.
  3. Keep all the software on your computer up to date. When your operating system (OS) or applications release a new version, install it. And if the software offers the option of automatic updating, take it.
  4. Trust no one. Literally. Any account can be compromised and malicious links can be sent from the accounts of friends on social media, colleagues or an online gaming partner. Never open attachments in emails from someone you don’t know. Cybercriminals often distribute fake email messages that look very much like email notifications from an online store, a bank, the police, a court or a tax collection agency, luring recipients into clicking on a malicious link and releasing the malware into their system.
  5. Enable the ‘Show file extensions’ option in the Windows settings on your computer. This will make it much easier to spot potentially malicious files. Stay away from file extensions like ‘.exe’, ‘.vbs’ and ‘.scr’. Scammers can use several extensions to disguise a malicious file as a video, photo, or document (like hot-chics.avi.exe or doc.scr).
  6. If you discover a rogue or unknown process on your machine, disconnect it immediately from the internet or other network connections (such as home Wi-Fi) — this will prevent the infection from spreading.

The general advice is not to pay the ransom. By sending your money to cyber criminals you’ll only confirm that ransomware works, and there’s no guarantee you’ll get the decryption key you need in return.