WannaCry Ransomware Attack and 10 Ways to Prevent It
Almost no one remained unaffected by the WannaCry Ransomware attack in 2017. It stands as one of the largest cyber attacks to date, infecting not only the NHS (National Health Services) but also numerous organizations worldwide. Government entities in Russia, China, the US, and a significant portion of Europe fell victim to this devastating cyber attack, with India experiencing some of the worst consequences. The attack exploited EternalBlue, a vulnerability in Microsoft’s software discovered by the USA’s National Security Agency, leading to widespread chaos.
What is WannaCry?
WannaCry is a crypto Ransomware worm capable of rapidly spreading across computer networks. Initially targeting Windows computers, it encrypts important files on the hard drive, rendering them inaccessible to users. The attack becomes apparent when users find themselves unable to access their files or even the entire system. Subsequently, hackers demand ransom payments in bitcoin to decrypt the files.
Components of WannaCry Ransomware
WannaCry consists of multiple components. It first arrives as a dropper, acting as a self-contained program, before extracting victim computer application components and embedding them within itself. The components include:
- An application for encrypting and decrypting target data
- Files containing encryption keys
- A copy of Tor
The program’s code is relatively easy to analyze, lacking deception. Upon launch, WannaCry attempts to access a hard-coded URL, referred to as the kill switch. Failure to do so prompts it to search for and encrypt files, making them inaccessible to users. Eventually, users receive a pop-up ransom notice containing the demand for payment to decrypt the files.
Given the devastating impact of WannaCry Ransomware attacks, it’s crucial to prioritize prevention methods. It’s far better to prevent such attacks beforehand than to incur the costs and effort associated with paying the ransom and recovering lost data. Here are some prevention methods:
- Keep your Windows operating system and antivirus software up-to-date at all times.
- Regularly back up files to an external hard drive.
- Enable system protection or file history promptly.
- Utilize OneDrive for both consumer and business purposes.
- Avoid responding to phishing emails or clicking on malicious attachments. Report such emails to the relevant authorities.
- Use Microsoft Edge for better SmartScreen protection, restricting access to URLs hosting exploits and protecting against phishing and malware downloads.
- Disable the loading of macros in your business programs if possible.
- Disable remote desktop whenever feasible.
- Implement two-step authentication for added security.
- Always use a secure, password-locked internet connection.
Cyber attacks have become global challenges, emphasizing the importance of staying vigilant and taking timely action to protect oneself.
Stay updated and safeguard yourself!
