One of the largest cyber attacks- the WannaCry ransomware attack- has been causing widespread destruction over the weekend. WannaCry has affected an excess of 200,000 systems in over 114 countries. With the majority of attacks targeting Russia, Ukraine and Taiwan. The National Health Service (NHS) in the U.K. confirmed infections at 16 medical institutions.
What is WannaCry Ransomware?
WannaCry ransomware is spread from web sites, links, email attachments and plugging in USB drives. WannaCry spreads over networks so if even one computer is affected, the rest on the network can also be compromised.
The worst part about this variant, it doesn't warn you of an infection until it has encrypted all your files. Once this happens you either must restore from a backup, or pay the ransom through Bitcoin.
What You Can Do
The biggest threat is the fact that WannaCry exploits a vulnerability in the Windows operating system. Microsoft has released patches that need to be applied to both servers and workstations. If you haven't already, do this immediately or contact your IT provider if you're unsure.
Prevention starts with the end-user:
- Never open attachments unless you are expecting it
- Hover over links to verify the URL address before clicking
- Report anything suspicious to IT immediately
Experts are expecting a second wave of attacks to be reported today as people get back to work and turn their computers on. Ransomware was the most prevalent online threat in 2016, with over 40,000 attacks per day at times, and reaching well over 65% of all spam messages that carry malicious payloads.
Download iV4's Ransomware Prep Checklist to learn how to protect your organization from Ransomware.