I bet there are lots of people who want to cry after being hit this Easter Weekend with the WannaCry ransomware.
What is WannaCry and why should I care?
Also known as Wanna, WCry, WannaCry, WannaCryptor and Wana DecryptOr, this ransomware hit mostly Windows machines running versions prior to Windows 10. The way this attack works is the same as per other previously known ransomwares: it encrypts files that are stored on the devices connected to the computer (hard disks, etc.) and demands payment in Bitcoin for the decryption key.
Unless you pay before the time expires, you won’t ever have access to your files again. Also, it is not granted that once you pay the hackers will give you the decryption key.
How to stop crying and protect your files in 5 easy steps
The following tips may sound a little cheap, but the damage that WannaCry was able to bring was also caused by computer owners and system administrators not paying much attention to basic computer security techniques.
To put it simply: backup offline and keep your system and Antivirus software updated.
1. Always backup your files
Always, always do backups. This is not just for ransomware attack prevention. Having a backup of your data stored on offline devices such as External Hard Disks (that are unplugged from your computer when they are not needed) is the best way to prevent the loss of all of your files in any occasion (hard disk failures, viruses, data theft, etc.).
2. Update your Windows Operating System
First of all, always use officially supported versions of your operating system on computers that are connected to the internet. Windows 7 machines were the most attacked by WannaCry, but many institutions still run Windows XP, which is very vulnerabile and, even though Microsoft released a special security patch for the occasion, they suspended support to it on April 2014.
If you have an old, no longer supported version of the Windows operating system or if you do not regularly install Windows Updates when they roll out, you are putting your files in danger. If WannaCry didn’t hit you it does not mean you are safe from it and from other ransomware attacks.
If you have not updated your Windows operating system from last March, chances are you are in danger of getting hit by the WannaCry ransomware. The one that WannaCry exploits is an old flaw that has long been fixed by a system update. Still many computer users do not regularly update their software, hence their risk of being hit by viruses incresases.
3. Update your Antivirus software
Most Antivirus today have a Free subscription that you can make use of to keep your computer safer. As said, WannaCry exploits old security flaws and many updated Antivirus softwares can already help you defend against this and other ransomware.
4. Disable SMB1 on Windows 7/8/10
SMB stands for Server Message Block and it is a network file sharing protocol that enables the sharing of files, printers and more between computers. There are three versions of such protocol (SMB1, SMB2 and SMB3) and Microsoft has long suggested to disable the SMB1 for security reasons. With WannaCry at large this is even more important.
You can check an easy guide on how to disable SMB1 on your Windows system over at The Windows Club.
5. Don’t pay
This is a pretty useless advice if you always keep backups of your files, but still: paying the ransom will not guarantee you that you will get the decription key to access your files from the attackers.
It has been found out that the decryption operation is not automatic, but have to be manually issued by the attackers. This requires even longer times to get your files back (and less chances that it could actually happen).
Also, by not paying the attackers you are probably doing a good job in not making the ransomware a lucrative business.
For more information about the current status of WannaCry and other ransomware, please check relevant security news websites such as the F-Secure blog.