What is ransomware?
The first thing you need to know about WanaCrypt0r 2.0 (also known as WannaCry, Wcry, or Wanna Decryptor) is that it’s a type of malicious software called ransomware.
The name comes from the term ‘ransom’, which means to demand payment for a third party’s belongings that you’ve seized.
Once ransomware ends up on your computer system, it will encrypt your data so you can no longer access it. The software will then demand money in exchange for decrypting your software.
Ransomware software generally only demands a few hundred pounds or dollars. That’s because if the amount was too high, people would be unwilling to pay. Instead, hackers make their money from bulk payments, rather than individual wins.
It’s also worth noting that payment is often requested in Bitcoin, a virtual currency that’s much harder to trace than more conventional transactions.
What is WannaCry or Wcry or Wanna Decryptor?
WannaCry is just one example of ransomware, and can be bought online in secret black market forums.
The software has gained notoriety recently on account of it making its way into the systems of both Telefónica in Spain and the NHS in the UK.
It’s important to point out, however, that the NHS wasn’t necessarily specifically targeted. Hackers tend to create scripts that will try and push ransomware onto as many machines as possible, and the NHS was almost certainly just an unfortunate victim.
The NHS attack actually started in Lancashire, and then spread throughout systems at various NHS Trusts.
Part of the reason why the NHS is particularly vulnerable is that many NHS Trusts use outdated version of Windows, as far back as Windows XP. Without recent security patches, it’s impossible for a system to stay truly safe from hackers.
WannaCry Ransomware: How to protect yourself
- If you use Windows, install the patch that Microsoft has released to block the specific exploit that the WannaCry ransomware is using. You can find instructions on this page in the Microsoft Knowledge Base. You can also directly download the patches for your OS from the Microsoft Update Catalog.
- If you are using an unsupported version of Windows like Windows XP, Windows 2008 or Server 2003, you can get the patches for your unsupported OS from the Update Catalog. We do recommend that you update to a supported version of Windows as soon as possible.
- Update your Antivirus software definitions. Most AV vendors have now added detection capability to block WannaCry.
- If you don’t have anti-virus software enabled on your Windows machine, we recommend you enable Windows Defender which is free.
- Backup regularly and make sure you have offline backups. That way, if you are infected with ransomware, it can’t encrypt your backups.
For further reading, Microsoft has released customer guidance for the WannaCry attacks and Troy Hunt has done an excellent detailed writeup on the WannaCry ransomware.