Still Crying

The danger from WannaCry is still far from over. Unlike most ransomware, the WannaCry virus can spread without any interaction – you don’t need to click a link or download anything, making it a particularly vicious and virulent for unpatched computers. When executed, the ransomware encrypts your files and demands that you pay a ransom to retrieve your data.

Curiously, the initial attack was partially curtailed by accident. Over the weekend, a UK security researcher with the twitter handle “@MalwareTechBlog” registered a URL that activated a kill switch within the software. However, this only slowed down the spread. New variants and copycat attacks have made this virus even harder to stop.

 

Video by Hacker House, a network security firm in London, showing in real time how fast an infected WannaCry ransomware computer (left) spreads the MS17-010 worm to another PC (right).

If you are running a system without the latest Microsoft patch, you are still at risk of being infected. Microsoft has even released patches for unsupported versions of Windows (downloadable here). Similarly, disabling SMB will prevent this exploit.

Worried about Ransomware? Sign up for our upcoming Free Training Friday webinar on Friday May 26th at 12pm Pacific: Keep Ransomware Out: How you can stop ransomware and exploits before they strike.

Want to learn more about Ransomware? Watch (or read) as our Chief Solutions Architect Tomas Suros discusses recent ransomware attacks, what happens to computers that are infected, and how to limit exposure: