You may have seen the terms WannaCry, WanaCry, WCry, or Wanna Decrypt weaved throughout the news the past few days. This is referring to the most recent global ransomware attack. Initiating in Europe on Friday, per White House Homeland Security adviser Tom Bossert in Monday’s midday White House briefing, it has spread to over 300,000 computers in over 150 countries. So what does this all mean and what can you do to protect yourself from ransomware?

What Does It Mean?

Ransomware: malware planted illegally in a computer or mobile device that disables its operation or access to its data until the owner or operator pays to regain control or access.

Malware: software intended to damage a computer, mobile device, computer system, or computer network, or to take partial control over its operation

Ransomware isn’t a new idea, but if you haven’t heard of it before this outbreak, the simple explanation is that if a computer gets infected, certain common files (such as JPG and PNG pictures, DOCX Word documents and PDF files) get encrypted with a secret key that only the attacker holds. In order to get those files back in one piece, the attacker requires a payment (in WannaCry’s case $300-$1200) to get the key in order to decrypt the files.

What Can You Do to Protect Your Devices?

A patch for this attack was released by Microsoft, which fixed the vulnerabilities on all modern-supported OSes (Windows 7, 8, 8.1, 10 and XP is even included).

Other prevention advice offered by No More Ransom!:

  • Back up your computer and store the safety version in the cloud or on a drive that is not connected to your computer.
  • Use robust antivirus software.
  • Keep all the software on your computer up-to-date. Enable automatic updates.
  • Never open attachments in emails from someone you don’t know. And remember that any account can be compromised.
  • Enable the “Show file extensions” option in the Windows settings on your computer. This will make it much easier to spot potentially malicious files. Stay away from file extensions like “.exe,” “.vbs” and “.scr.”

If you find a problem, disconnect your machine immediately from the Internet or other network connections (such as home Wi-Fi).

 

For more detailed information on the WannaCry ransomware attack, check out the following publications:

http://www.ntca.org/images/stories/Documents/Communications/flash_wannacry_final.pdf

http://www.npr.org/sections/thetwo-way/2017/05/15/528451534/wannacry-ransomware-what-we-know-monday