WannaCry Ransomware: How to protect yourself

On Friday last week, the world was hit by a global ransomware campaign of unprecedented proportions. That campaign has now infected over 10,000 organizations and 200,000 individuals in 150 countries. This includes the UK National Health System that has been highlighted in media.

On Friday a researcher analyzing the code stopped the ransomware from spreading by registering a domain that served as a kill switch for the ransomware.

It wasn’t long before new variants of the WannaCry ransomware started emerging. One of the variants was also stopped today by registering a kill switch domain, the same way the ransomware was stopped on Friday. A second variant is not encrypting infected machines due to an error in programming, but it is spreading.

We expect new variants to emerge all week that continues to exploit the vulnerability in the Server Message Block (SMB) that WannaCry has been using.

How to protect yourself against WannaCry

General recommendations on how to stay a safe as possible

  • Always keep your OS and software updated to the latest version.
  • Ransomware is usually distributed through email attachments. Never click on a file from an unknown or unverified sender.
  • Use Anti-Virus programs. The usefulness has been questioned since cyber attackers get more and more skilled in writing attack software. But they do protect you in many cases.
  • Backup regularly and make sure you have offline backups. That way, if you are infected with ransomware, it can’t encrypt your backups.