Published: Sun, May 21, 2017
Hi-Tech | By Ellis Neal

How to protect yourself from ransomware attacks

The huge cyber-breached event, which kicked off on Friday, spread like never before and affected millions of computers and computerised data in over 150 countries.

"It does so by searching for them in the wcry.exe process".

"Clearly people who run supported versions of Windows and patched quickly were not affected", Trustwave's Mador said.

The WannaCry ransomware, which analysts say could have links to a North Korean group, hampered trains in Germany, locked up U.K. National Health Service computers and triggered the shutdown of Renault vehicle factories in Europe (see Is WannaCry the First Nation-State Ransomware?).

Never assume that your current antivirus software provides protection against ransomware, as it could be an outdated version that doesn't offer ransomware blocking. For the NHS the source of its problems was the rather embarrassing admission that 90 percent of its trusts still rely on PCs installed with Windows XP, Microsoft's 15-year-old desktop operating system.

The global WannaCry ransomware attack should be a wake up call for all companies about the threat ransomware poses.

Back up your critical data.

The Washington Post story reveals a clue as to why the NSA waited so long to reveal the flaw to Microsoft.

The researchers-Adrien Guinet, Matthieu Suiche and Benjamin Delpy-worked separately to find ways to decrypt files scrambled and held hostage by WannaCry.

Security experts believe WannaCry may have initially infected machines via email attachments.

The virus, called WannaCry, infected computers in organizations including the British healthcare system, the American company FedEx and Russia's Interior Ministry.

To make things worse, Microsoft, which used to provide custom security software support to its clients for $200 for each system in 2014, doubled the cost to $400 in 2015, thereby discouraging the companies from upgrading their systems.

Less than 300 payments worth around $83,000 had been paid into WannaCry blackmail accounts by Thursday (1800 GMT), six days after the attack began and one day before the ransomware threatens to start locking up victim computers forever. The result: "Users unlikely to get files restored", the company's Security Response team tweeted. They are a class of software created to infiltrate computers, and once inside, they lock up or encrypt important documents and data. "That's what the data shows", MWR research head Pratley said.

Like this: