Online Support

WannaCrypt Outbreak and How to Stay Safe

WannaCrypt Outbreak and How to Stay Safe

Most people nowadays understand not to download suspicious software from obscure websites and how to turn on an anti-virus software. That is not enough to protect you from the WannaCrypt virus though. It gets into your computer through innocent looking emails and once it downloads in the background of your computer it spreads through your network like wildfire.

It uses an outdated Windows Server networking protocol to unleash its wrath on unsuspecting networks. Microsoft is given credit for this protocol’s creation but, IBM created it in early 1983. Over time Microsoft took over its development. If you ever streamed a video from Windows Media Player to another device on your network than you have seen this protocol at work. This protocol became the standard for almost all operating systems including; Linux, macOS, and Unix.

The reason it spreads like wildfire is because of the mentioned standardization. Since it attacks your entire network once one computer gets it, they all can. The technology exploited and used to spread WannaCrypt was built from the NSA hacker tools known as EternalBlue/DoublePulsar. These tools allow remote host to run code on Windows system via the Windows Sere networking protocol via SMB made packets. DoublePulsar is a trojan horse that creates and opens a back door on the infected machine(s). These combined open the doors for the virus to spread.

After your machines are infected it will create a registry file hidden deep inside your machine. This file will then unzip the actual archive that infects the computer. This hurtful program than begins to encrypt every file it can scan. It starts renaming the files it scans by adding “WNCRY” to each file name. For example if you have a file called “Storm Internet How-To.pdf” it would rename the file “Storm Internet Hot-To.pdf.WNCRY.”

Then the real virus kicks into overdrive and started encrypting all your shadow and backup drives. It prevents you from being able to recover your system via a local-backup.

The virus asks for $300 worth of bitcoin to get your system back but, there is no record of anyone paying and getting access back.

How can I protect Myself?

Windows has released a patch for this exploit. They even released an update for Windows XP to fix this exploit which is unheard of for a discontinued operating system. All you have to do is keep your operating system updated and stay calm.

 

Did you know? With Storm’s fully-managed remote working solutions you’ll never have to worry about updates or keeping your system protected. It’s all taken care of. For more information, call us on 0800 817 4727 to learn more.

0800 817 4727