Do I have Ransomware?
How do you know if you have ransomware on your computer? Let’s say you sit down at your computer to work on an important project. After it turns on, you meet a popup that states, ” You must pay 0.3 Bitcoin to decrypt the data on this computer.” What do you do and what is ransomware?
Ransomware is a computer virus designed to encrypt every stitch of data on your machine. If you are unlucky, it will traverse the network you are connected to, encrypting each machine.
Currently, there is a ransomware attack happening around the world. The name of the current attack that has hit 75 countries and counting is Wannacryt or Wanacry. It is targeting windows machines and is extremely contagious. The vulnerability that the virus is utilizing was patched by Microsoft in March of 2017. Organizations that are slow in updating Windows installations are being specifically targeted. As of today, hospitals and government agencies seem to be the most effected.
How to Stay Safe
We recommend that you update all supported versions of Windows, from Windows 7 and up. If you are using Vista, XP, 2000 or older, remove these machines from your network or segment them in a way to disallow internet and email connectivity.
Users should be especially careful with email and practice safe emailing. Be very cautious of attachments and review the email sender, sender name spelling and subject line. Anytime you are connected to the internet, you must be smart and aware.
Note: the Wannacry ransomware is using exploits that were used and maintained by the NSA. These exploits were recently disclosed in the vault 7 Wikileaks release.
Windows XP Update
Microsoft recently put out a patch for Windows XP. The article is in German, but offers an English translation.
Also published on Medium.