WannaCry continues spreading; taking precautions is still important
Nevertheless, WannaCry ransomware launched its hazardous attack a month ago; it continues threatening online community with new versions of malware. Since May 12, 2017, malware together with its counterparts – WannaCryptor, WannaDecrypt0r, and many others – managed to invade more than 230,000 computers in 150 countries.
Cyber criminals have shown their determination to this illegal project. Once the distribution of the second version of the ransomware was slowed down by exploiting kill switch function, they released a WannaCry 2.0. Unfortunately, it didn’t take long for WannaCry 3.0 to emerge as well. The latest version of ransomware seems to be more aggressive and dangerous than ever. Thus, taking precautions is important to protect your computer and files from the attack.
6 tips for WannaCry prevention
All variants of WannaCry exploit security vulnerabilities. Thus, it’s important to detect and fix all possible flaws in the system in order to avoid the disaster.
1. Upgrade to Windows 10.
Malware aims at unsupported and outdated Windows versions. Meanwhile, Windows 10 users are not in the target field of the ransomware. Thus, upgrading may help to avoid the attack.
2. Install necessary security update.
The ransomware uses the EternalBlue exploit that aims at Windows OS vulnerability. Fortunately, Microsoft released a security update even for unsupported Windows versions. Thus, if you are not willing to upgrade to the latest OS version, you have to install MS17-010 security update.
3. Disable SMBv1.
The exploit used by WannaCry takes advantage of the vulnerability in SMB (Server Message Block) protocol. Thus, you should follow Microsoft’s instructions and disable SMBv1 on your PC.
4. Update software.
Outdated software might help malware to enter the system. Thus, updating all the programs that are installed on your computers is a must. However, if you do not use particular programs, you should uninstall them and do not think about latest updates.
5. Install professional security software.
The reliable security program is crucial for protecting a computer from cyber threats. However, you should not forget to update it regularly as well. Thus, we recommend enabling automatic updates.
6. Backup your files.
Create copies of the most important documents, photographies, and other important data, and store it in the external device, such as USB. In case of the attack, you will not need to worry about data recovery because you have everything saved.
Steps to take after WannaCry attack
The virus is sneaky and dangerous. Thus, even if you have taken all precautions, it may still find the way to invade your computer. If this unpleasant situation happens to you, follow these steps:
1. Decide if you are going to pay the ransom or not.
Cyber criminals demand to pay few hundreds of dollars for the possibility to decrypt files. However, it’s a risky solution because once the payment is made, you may not receive a promised help. Thus, we do not recommend relying on this data recovery method.
2. Disable the virus.
We assume that you won’t pay the ransom. Thus, you need to start WannaCry removal immediately. The first step is to reboot the computer to the Safe Mode with Networking and disable it. If you have installed security program, update it. If not, install a professional software.
3. Scan the system with a security program.
Running a full system scan with antivirus or malware removal program helps to delete all ransomware-related components from the system entirely.
4. Recover your files
Once the virus is deleted from the system, you can plug in USB or another external storage device with backups and copy necessary files. If you do not have them, you can try recently emerged decryptors – Wannakey and WanaKiwi. If you still have encrypted files, you should be patient and wait for the release of the new decryptors.