Threats, like that of Wannacry ransomware, are on the increase. Many lack the knowledge how to protect against these attacks. Nowadays, there is an assortment of anti-virus software available. So it’s always worth talking with your IT support firm. Or contacting one. To find out what is the best for your needs.
Here we look at WannaCry ransomware. A current topic in the media following the NHS attack. As well as how you can protect yourself and your business.
How does WannaCry ransomware work?
This particular brand of ransomware has a range of names: WannaCrypt, Decryptor, or WannaCry. The ransomware recently used in the attack against the NHS, WannaCry is also known as WCRY or Wanna Decryptor. Essentially they all work in the same way. By holding a computer to ransom.
Travis Farral, from intelligence platform Anomali, was recently interviewed by WIRED on the subject of ransomware. He explained how ransomware worked by encrypting user files with RSA and AES encryption cyphers. This allows cyber criminals to decrypt files employing a unique decryption key. Once installed the hackers take control of a computer.
In other WannaCry attacks, targets received ransom notes along with instructions stored in !Please Read Me!.txt files. These files include links that allow users to make contact with the hackers. Furthermore they change the wallpaper of the target computer. To show a request that the user download ransomware via Dropbox. They then demand a bitcoin payment for it to work.
How can I defend against WannaCry ransomware?
The best way to defend yourself against WannaCry is to avoid clicking links sent from an unknown source. Security professionals recommend that Windows users carry out full system updates using the very latest patches.
Anti-malware software company Malwarebytes carried out a detailed analysis on how WannaCry infects its targets. As a result of the analysis, they advise installing OS updates daily to stop exploitations by the MS17-010 flaw. They also recommend the removal of any systems using Windows without a patch specifically for this flaw, from the networks they are in.
Further research indicates that when a system is hacked, they install a program called DOUBLEPULSAR. If discovered, the program needs removing as soon as possible. Certain anti-virus programs will protect against the program and some that don’t. For those who are more technical, there is a script that can identify and remove it.
At Ten Ten Systems, we aim to give you peace of mind in carrying out your business. We offer IT security services to prevent ransomware attacks. Our data backups ensure that should ransomware slip through the system. You are safe in the knowledge that you can restore you data.
If you have any concerns about the likes of WannaCry. Then call or visit us at our Chester office for a full IT check-up.