You Don’t WannaCry… Do You?

You’d have to be living in a cocoon to have missed the reports in the mainstream media this week about the WannaCry Worm which has infected vulnerable computers around the world. WannaCry is transmitted when people open infected email attachments and can spread itself quickly within organisations over their internal computer networks. Home PCs and laptops are just as vulnerable!

What is WannaCry?

It’s a computer worm categorised as ransomware! When a PC (or laptop) is infected by WannaCry or any of its variants, important files are encrypted (scrambled) and can no longer be read or used. The primary target is your documents and pictures.

Once infected, you have to pay a ransom to gain access to your documents and pictures.

How do I recover from a WannaCry Infection?

If you want to recover (decrypt) your documents and pictures, you have to pay $US300 in Bitcoins to some ratbag. If you take more than 3 days, they double the charge to $US600 and after 6 days, they simply walk away leaving your PC information completely inaccessible.

If you don’t want to pay the money, you better have a (recent) backup of your documents, pictures, music and videos. You’ll likely need to reset your PC (reinstall Windows!) to remove the infection and then restore your documents, pictures, music and videos from the backup.

If you want to avoid having to choose a recovery method then read on…

Who is being targeted?

There is a well documented “vulnerability” inside Windows which has existed for many years (inside the Server Message Block – aka the “SMB Protocol”). The vulnerability exists in Windows XP, Vista, Windows 8 and Windows 10. Details on how to exploit the vulnerability were stolen from the NSA and published on the Internet by some hackers on 14 April 2017.

It only took the ratbags 28 days to create WannaCry which exploits the SMB vulnerability in Windows and holds PCs to ransom while replicating itself. On 12 May 2017, they released the worm which quickly spread through the Internet.

– – Tablets, smartphones and Macs are not affected by this type of worm – –

How are the Good Guys fighting back?

Microsoft released a Security Patch to plug the holes in the SMB protocol on 14 March 2017. Windows XP wasn’t patched at that time but on 13 May 2017 a separate (one-off) XP Security Patch was released.

If you have Windows Updates and your Anti-Virus software turned on and up to date on your computer, you should be protected!

As you’ll have seen in the media, a young Security Analyst in the UK also managed to find the “Kill Switch” inside WannaCry and pretty much stopped it in its tracks. Sadly, it won’t be long before the ratbags remove the “Kill Switch” and a variant of WannaCry starts spreading again.

How do I avoid being infected by these things in the first place?

Keeping your computer safe uses the same principles as keeping yourself and your friends safe in everyday life…

  • Use Common Sense
  • Think Ahead
  • Take Precautions

Here’s my checklist of things you should consider to keep your computer safe now and in the future…

Use Common Sense

  • Don’t open emails from people you don’t know unless you’re 100% sure you know why they’ve sent it to you. If you’re unsure, delete it!
  • Don’t open attachments inside emails from people you don’t know
  • Don’t open attachments you aren’t expecting (even if you know the sender)
  • If you receive a strange looking or unexpected email from someone you do know, check with them first before opening it – they may have been hacked!
    Never use REPLY to contact them – use the address you can trust in your Contact List.
  • Remember: If it looks strange or out of place, you should be suspicious and act accordingly
  • Replace your Windows XP computer now- it’s very vulnerable to this type of attack! Windows XP is no longer supported by Microsoft and their recent Security Patch is not a change of policy. If you’re still using a Windows XP computer you should seriously think about replacing it by a new computer or possibly a tablet. Come to a How Do I…? Workshop at SeniorNet Kapiti and we can discuss your options.
  • Microsoft never call people at home and offer to fix their PCs for them. If you ever get this type of phonecall, please hang up immediately

Think Ahead

Take backups……REGULARLY!!

  • How hard would it be to (right now) copy your Documents folder onto a 16Gb memory stick?
    If you have lots of photos, music or videos, you may need to purchase a portable Hard Disk for your backups.usb-external-hard-drive
    You can buy a 1Tb (1000Gb) Hard Disk from our sponsor Noel Leeming for $79 today!
  • Make sure your backups are not accessible from the Internet – ie disconnect your backup device from your PC and put it in a drawer…..or better still, keep it offsite at a relative’s or friend’s place.
  • Update your backups every 3 to 6 months
  • Alternating between two backup drives is even smarter if you can afford it

Take Precautions

  • Make sure Windows Update is running at all times and install all the updates that Microsoft push onto your machine. If you’re using Windows Defender then your Anti-Virus and Anti-Spamware is being updated every time you turn your PC or laptop on
  • Whatever you’re using, make sure your Anti-Virus software is up to date and the latest signature files are installed.
    If you’re sick of paying for Anti-Virus software, come to a How Do I…? Workshop at SeniorNet Kapiti and we’ll remove it for you. On Windows 10, Windows Defender will immediately take over Anti-Virus and Anti-Spamware duties and keep you safe… for free.

In Summary

There’s no need to panic over WannaCry. Knowing a little about how it works (by reading this article) helps you to understand how to protect yourself from becoming infected.

There will almost certainly be variants of this worm in the coming weeks and months. Work through the advice given above and make sure you’re doing all you can to stay safe

If you’re still concerned, come to a How Do I…? Workshop or Q&A at SeniorNet Kapiti and we’ll answer any questions you might still have.