Written by:
Leo Hoogma
In the global cyber attack on companies and government institutions that took place in more than 70 countries last week, more than 200,000 computer systems in more than 150 countries were shut down in 48 hours. FedEx, Telecom giant Telefonica, Renault car manufacturer, Q-park and several hospitals in the UK are a few examples of organizations affected. The virus attack with so-called ransomware became known worldwide under the name WannaCry. In the Netherlands, the damage was relatively easy. Only Q-park seems to have been affected by the ransomware.
WannyCry is ransomware, a form of malware that takes entire computer systems or just a few important files hostage by encrypting the files. WannaCry consists of two components; a worm and a ransomware component. As soon as an infection occurs, randsomware encrypts important files on the computer and the worm component looks for vulnerable systems to spread the infection further. This further spreading is also done by scanning random IP addresses on the Internet in order to find even more targets.
Cyber criminals have exploited a vulnerability in Windows. The update in question that can close this vulnerability has already been made available by Microsoft on March 14.
Due to an attack with the so-called WannaCry ransomware, various file types are encrypted and provided with the extension `wcry`. Then a pop-up will appear that decryption of the files is only possible if you transfer the equivalent of $ 300 in bitcoins to a specific address within three days.
The deliberate infection can be removed, but the encrypted files cannot be decrypted yourself. Decryption requires a private key that cyber criminals only want to transfer for money.
If you are a victim of a cyber attack (be it by WannaCry or another ransomware virus) then our advice is to at least not transfer money to the aware cyber criminals. The best solution is to remove the virus in question and restore your data from a backup of your saved data.
It is not clear how the ransomware spreads, but there are precautions you can take so that you will not be bothered by it.
It is important to install all (Windows) updates as they become available. Organizations are sometimes afraid to install a new update or don't see it as a necessity, but to avoid major damage from ransomware, it is imperative to keep the system up to date.
Make regular backups of all data so that you can always fall back on it if you do become `infected`. Obviously you need to use an external hard drive or other storage medium for such a backup. In addition, make sure you are using an antivirus program. A good antivirus program is an absolute must against cybercrime. You can also use a spam filter for your e-mail.
And it cannot be said often enough: be careful when opening email messages. WannaCry did not use e-mail, but normally this type of ransomware is usually sent via e-mail messages. Be on the lookout if you receive an e-mail message from an unknown sender or an e-mail message that is written in flawed Dutch and never open an attachment with an e-mail just like that. Hoogma Webdesign can be of service in tackling cybercrime with the help of a good antivirus program. We are a dealer of the award-winning ESET NOD32 Antivirus program. We also help you if you have unexpectedly become a victim of a cyber attack. You can also contact us for an effective spam filter for all your e-mail messages. Inquire about the possibilities without obligation.
Would you like to read more blog posts? Go to the page Blog.