You’d be hard-pressed to miss last week’s biggest headline, the WannaCry cyber-attack sent shock-waves around the globe. Home computers, businesses of all sizes, and even police departments found themselves crippled without warning.
Among the most prominent victims were many NHS hospitals in the UK, affecting up to 70,000 individual devices such as essential MRI scanners and blood-storage refrigerators. However, by the time it hit the news, it was too late – either your system was protected, or it was infected. Here’s how it all went so wrong…so fast.
Lets learn about Wannacry Ransomware
What is WannaCry?
The WannaCry cyber-attack was a type of malware (the collective name for computer viruses & bad juju) called ‘ransomware’. Just like the name suggests, it’s actually a demand for money. Like all ransomware attacks, WannaCry encrypts your files and holds them hostage until you pay.
In this case, the price was set at $300, payable with internet currency Bitcoin, and you had 3 days to pay before it doubled. If you didn’t pay, the ransomware threatened to delete your files permanently. It’s yet unknown how much money the WannaCry hackers have earned with their latest attack, but you can be sure plenty of people have paid the ransom. Even the FBI recommends paying the ransom, especially if the ransomed files are of a sensitive nature or weren’t backed up.
How It Spread So Fast
WannaCry is a ‘computer worm’ that self-replicates and spreads through a vulnerability in Windows, rather than a phishing attack email that needs to be activated with a click. So far, no common trigger has been identified, as is normally the case with phishing links. WannaCry moved rapidly from system to system, spreading through the entire network, including all connected backups and storage devices. At the same time, it spread out to infect other networks, who then spread it further, and so on. Given the nature of the internet, it was everywhere within hours. Think of it like a super mutant Flu…but for computers.
Why Some Computers Were Safe
WannaCry could ONLY infect systems that had fallen 2 months behind in their Windows updates. This is because it was created to take advantage of a specific vulnerability in Windows, one which Microsoft patched months ago. Without that patch, the ransomware could waltz right past the firewall, past the anti-virus and directly into the system (the NHS were reportedly running Windows XP – no longer supported). Those running Windows 10 or a fully patched, recent version of Windows were completely unaffected – the virus literally had no way in.
It just goes to show the importance of staying up to date. We haven’t seen a second spike in WannaCry attacks yet, but that doesn’t mean there won’t be one. A quick update could protect you or your business from weeks of downtime and lost revenue, making attacks like this a non-issue.
Springfield PC PROS has developed a unique set of rules we can apply to your computer to lock down your system and help protect it from the Ransomware of today as well as tomorrow. Contact us for more details.
We will be launching our new website shortly!