Wannacry Ransomware Virus is the talk of the world for the past few days. On 12th may 2017, the attack has been started injecting the computers. This is one of the largest virus attacks of all time and the virus is affecting thousands and thousands of computers in over 100 countries. Many major company computers were infected by this virus. Before we see the ways to protect from the Virus, let me explain in short about the virus and what it does.
Wannacry is a virus also known as WannaCrypt, which will enter into your computer and encrypt all your files and pops up a message asking for ransomware. Once your files are encrypted by the virus, then you will not be able to access file contents and in order to do so, you have to decrypt them. To decrypt the files, the attackers demand you to pay $300 via Bitcoin and the amount will be increased after 72 hours and later the files will be deleted.
EternalBlue, sometimes stylized as ETERNALBLUE, is an exploit generally believed to have been developed by the U.S. National Security Agency (NSA). It was leaked by the Shadow Brokers hacker group on 14 April 2017 and was used as part of the worldwide WannaCry ransomware attack on 12 May 2017.
The virus is spreading to computers via phishing websites, codes in emails, torrents, network, etc., If one of the computers affected by the virus, then it will easily spread across the network using the standard network file sharing protocol in windows called SMB [Server Message Block].
WannaCry Virus affects only windows operating system and there is no problem for Android, iOS, MacOS, Linux users. Now let’s see how to protect yourself from WannaCry Ransomware Virus.
To know more, check out the Frequently Asked Question about Wannacry Ransomware Virus here.
Ways To Protect From WannaCry Ransomware Virus:
Keep Windows Up-to-date:
Keep your windows up to date, so that the latest security patches from Microsoft will be installed in order to prevent your computer from the virus. In fact a critical patch had been issued by Microsoft on 14 March 2017 to remove the underlying vulnerability for supported systems, nearly two months before the attack, but many organizations/users had not yet applied it. Microsoft has released patches related to Wannacry.
For customers using Windows Defender, Microsoft has released an update which detects this threat as Ransom:Win32/WannaCrypt .
Even they have released patches for the Windows XP, 2003 operating systems where they have already disconnected their support.
Don’t Open Malicious Mails:
The virus is mainly spreading via the emails with attractive offers and freebies. Hence don’t open any emails after from your contacts and also don’t open any links from emails and don’t download any attachments from unknown contacts.
Don’t navigate to any phishing websites and download any contents from them. Also be safe from torrent websites as well. The Virus may available in any torrent, so be aware.
Take the backup of your files in any external drives which you won’t connect with your computer often so that you can use the backup to restore in case your computer is affected with the virus. To be more secure try to backup your contents in the cloud storage.
Remove SMBv1 Protocol:
In order to prevent Wannacry spreading to the computers through the network, it has been considered as safe to disbale/remove SMBv1[Server Message Block] Protocol in Windows operating system for time being.
The instruction was officially suggested by Microsoft –
This attack type may evolve over time, so any additional defense-in-depth strategies will provide additional protections. (For example, to further protect against SMBv1 attacks, customers should consider blocking legacy protocols on their networks).
By disabling/removing, the SMB protocol cannot be directly accessed from the internet, will prevent the virus somewhere. Please do checkout the detailed tutorial on How to enable/disable SMBv1 Protocol in Windows.
All the antivirus companies have also started releasing the patch for the new Wannacry virus, hence kindly update your antivirus.
The different version of the virus may be released by the attackers. Hence keep yourself safe with the above steps.
Hope the above tutorial will be helpful. Keep sharing the guide with your friends and family.