Menu

WannaCry: Everything you want to know about the largest ransomware attack

You heard about the largest ransomware attack,the WannaCry?Are you worried that your computer will also get affected by this malware?But you don’t know how to prevent it,right? Don’t worry,I am here to help you all.Just read this article and you will be able to prevent yourself from this malware attack.

What is WannaCry?

WannaCry,also known as WannaCrypt,WanaCryptOr 2.0 and Wanna Decryptor,is a ransomware which affects the Windows Operating Systems. WannaCry ransomware affects the computers by encrypting the files on the computer and demanding ransoms to decrypt the files. The ransom amount demanded is $300 and in “Bitcoins”.This malware has already affected 230,000 computers in nearly 100 countries.

A computer screen showing WannaCry ransomware message asking to pay the ransom

Effects of this attack:-

The WannaCry attack has caused a shutdown in many companies.Most of the School’s and University’s computers were also affected.It also affected hospitals, creating chaos among the patients.

 

How the attack works?

The ransomware,like all the malware’s,exploits the vulnerabilities in the Operating System.This malware when infected in the computer encrypts the files in the hard disk and shows a message on the screen demanding the ransom with the payment option.There is a time indicator in the left of the screen which indicates the time within which the ransom must be paid.The ransom amount is $300 and it must be paid within 3 days.If the payment is not done within the mentioned time  the files will be lost permanently.The ransom is to be paid in “Bitcoins”.The message also  guarantees that the hackers will decrypt the files ,with the decrypt code which they have.

 

What measures Microsoft has taken?

Microsoft had released a security patch nearly 2 months ago for the Server Message Block (SMB) protocol,which Microsoft’s Windows uses. The computers affected, were those on which the patch update was not installed. The attack also affected the older versions of the Windows operating system’s which are no more supported by the Microsoft Corporation.But yesterday Microsoft also released the update for the older unsupported versions of the Windows OS like Windows XP,VISTA etc.

 

How to prevent this attacks?

Now,I will tell you some simple steps to prevent this attack.Please follow the steps

1.Update to the latest version of the Operating system.

2.Update the Windows Defender.

3.Turn-On the Pop-Up blocker in the browser.

4.Turn-On Smart Screen filter in the Internet Explorer.

5.Never click on  any unknown links ,as this malware spreads through emails too.

6.Always backup your files.

7.Disable the SMB ,

  •       Follow this to disable the SMB,

                      For  Windows Vista and later

Click on this link Microsoft Knowledge Base Article 2696547.

Alternative method for customers running Windows 8.1 or Windows Server 2012 R2 and later

For client operating systems:

  1. Open Control Panel, click Programs, and then click Turn Windows features on or off.
  2. In the Windows Features window, clear the SMB1.0/CIFS File Sharing Support checkbox, and  click OK and close the window.
  3. Restart the system.

For server operating systems:

  1. Open Server Manager and then click the Manage menu and select Remove Roles and Features.
  2. In the Features window, clear the SMB1.0/CIFS File Sharing Support check box,  then click OK and close the window.
  3. Restart the system.

 

How to undo the workaround. Retrace the workaround steps, and select the SMB 1.0/CIFS File Sharing Support check box to restore the SMB1.0/CIFS File Sharing Support feature to an active state.

What to do when your computer is affected by this malware?

1.Don’t pay the ransom,there is no guarantee that the hackers will decrypt your files.

2.Contact your nearest Cyber security experts.

3.Install a Anti-Virus or at least a trial version .The Anti-Virus’s ransomware removal tool will wipe out any malware or ransomware in the computer.

However,the largest ransomware attack is now slowing down,thanks to MalwareTech a UK based Analyst. MalwareTech discovered a “Kill Switch” which is the reason for slowing down of the attack.But,this is not permanent solution ,this just gives time for all the computer owners who didn’t update their computers,to install the patch.Cyber Experts are finding the solution for this serious problem.Hope they find the solution soon.

 

Click here to install the patch from Microsoft’s site.

I hope that by reading this article you got some idea about WannaCry ,the largest ransomware attack and how to prevent it from affecting your computer.

If you have any doubt’s regarding this  please feel free to ask in the comment section and also please “Like” us on Facebook.

 

 

One Response
  1. Mohan May 15, 2017 / Reply

Leave a Reply

Your email address will not be published. Required fields are marked *

DMCA.com Protection Status