Layman’s Guide to WannaCry Ransomware

No doubt this century is dominated by computers and internet technologies. The life has been eased to a greatest level with the use of IT. Thanks to the cutting edge technology, the most of the work can be done online with the use of IT tools. But the evil minds are everywhere and one such mind can cause a significant harm to the society by exploiting the flaws of the technology. WannaCry virus (also called WannaCrypt or wCry) is one such threat. Let us discuss about this virus in the language of a common man and try to understand how can this affect your life.

What is WannaCry Virus

WannaCry virus is a ransomware which means the hackers encrypt your computer files using an exploit in MS Windows and seek money in order to de-crypt the files for you. Often a deadline is set for payment and the files may be deleted if unpaid. Last week thousands of computers have been compromised in UK hospitals due to this threat.

Story starts earlier this year when NSA hacking tools were leaked and an exploit of old Windows system was detected. Microsoft patched the security immediately and updated the Windows. The updated Windows are totally free from virus but the computers having old levels of Windows which are not updated are highly affected. Worse thing is that it spreads like a forest fire through LAN connections. The virus can spread though emails and other connections as well.

Below is a process flow of the virus:

  1. Hackers exploit the servers and intrude the computers
  2. Hacker encrypts the important files stored on system memory
  3. A ransom money is asked in lieu to de-crypt the files (mostly in the form of bitcoins or other soft money modes)
  4. Ransom amount may be increased if not paid within asked time frame
  5. In failure to payments, the files are deleted from the system

How can you protect yourself from WannaCry?

  1. Update your computer immediately to the latest level. Accept all updates from Microsoft
  2. Set Windows updates to automatic
  3. Update your antivirus to the latest version and latest definitions
  4. Do not open any suspicious emails and attachments
  5. Disable macros in MS office programs
  6. Block the attachments of file types, exe|pif|tmp|url|vb|vbe|scr|reg|cer|pst|cmd|com|bat|dll|dat|hlp|hta|js|wsf
  7. Keep the operating system third party applications (MS office, browsers, browser Plugins) up-to-date with the latest patches.
  8. Follow safe practices when browsing the web. Ensure the web browsers are secured enough with appropriate content controls.
  9. Restrict users’ abilities (permissions) to install and run unwanted software applications.
  10. Individuals or organizations are not encouraged to pay the ransom, as this does not guarantee files will be released. Report such instances of fraud to CERT-In and Law Enforcement agencies
  11. Take an offline backup of your important files

We hope with these precautions you can stay safe from WannaCry virus threats.

Here is an official communication from Microsoft on the threat.

Leave a Comment