How to stay safe from ransomware like WannaCry
WannaCry, the latest ransomware locks your files and demands to make payment to regain access. If you don’t do that, your device will remain locked and in result, you will not be able to access your data.
As of now and according to software security companies, this latest malicious software has affected nearly 200,000 computers in 150 countries on last Friday. Severe effects of this ransomware were noticed in Russia, Ukrain and Taiwan.
This hack also affected British hospitals which had to turn away patients and threw several Spanish companies and other government agencies and businesses into chaos.
Web security experts from Kaspersky Lab and Symantec have said that some part of the code in the previous version of WannCry Software had also appeared in programs used by a cyber attack group known as Lazarus. They have also concluded and identified it as a North Korean-run hacking operation.
But you can stay away of a ransomware like WannaCry once you know how it works. The program like this encrypts the files it gains access to and demands ransom from device owners to regain the access.
The target platform of WannaCry ransomware is Microsoft which is one of the widely used operating systems in both personal and professional operations.
Up on infecting a system, the malware triggers a pop window instructing how the amount of $300 can be paid and the access can be regained.
Also, the pop up shows two countdown clocks; one for showing that there is three-day deadline and after it the ransom amount will be doubled and, the second one for showing when the targeted device will lose its data forever. It demands to make payment only in bitcoins which are also as mysterious as the malicious program like WannaCry itself.
This ransomware was originally spotted with the name WCry but analysts are using its possible variant WannaCry.
So how does a malware like WannaCry infect a system?
A malicious program like WannaCry gets into computer when a link to malicious file is clicked which in result, installs the malicious software into the system and then holds the data and asks to pay ransom to get that data released. Though, security experts doubt whether the access will be provided again or not.
Some security researches have concluded that instead of relying on human to spread, the infection of WannaCry seems to be deployed via worm which spreads by itself.
There are other forms of ransomware which execute programs which can completely lock your computer and show a message to make payment to regain the access. Some of them create irritating pop-ups which are difficult to close and do not leave a computer use-worthy in any way.
Who has been affected so far?
Russian, Ukraine, and Taiwan have been spotted to be the top target of the attack but as the web is universal, people from other countries have also reported similar infections.
The healthcare sector is highly vulnerable to risks because people here either have poor or no knowledge about digital security. Staffs in healthcare sector have no understanding of cyber-hygiene and they keep clicking any phishing links reaching them.
How you can stay safe from WannaCry
The Microsoft’s Malware Protection Center has suggested following precautions to avoid any such infection:
- First and foremost – Install and regularly update an antivirus solution
- Keep your system updated
- Do not click unknown links or open mail attachments from unknown sources
- Turn smart screen in Internet Explorer on. It helps in identifying the reported phishing and malware websites and informs you about it when you visit the same infected websites.
- Enable or have a pop up blocker in browser
- And keep taking backup of your valuable files
On the next day of the attack, a cyber security expert revealed to news agencies that he had discovered how WannaCry led attack can be stopped. He found solution when he registered the same domain name which was used by the malware. He said that he found the solution accidentally. But, it will not help computers already affected.
Also crisis isn’t over because attackers can always change the code and try it again.