It’s been quite some time since we’ve seen a worm in the wild cause quite so much panic. Malicious software that blocks access to computers is spreading swiftly across the world, snarling critical systems in hospitals, telecommunications and corporate offices, apparently with the help of a software vulnerability originally discovered by the National Security Agency.
The program is called Wanna Decrypt0R 2.0 and appears to support 28 different languages, indicating its potential worldwide reach. The ransomware locks computers and then launches a ransom note in a text file, according to researchers at the Avast security software company in the Czech Republic.
Reddit user Purple patch reports:
I’m a doctor in one of the affected hospitals, a major trauma center in London. Everything has gone down. No blood results, no radiology images, there’s no group specific blood available. They’ve declared an internal major incident, the hospital is diverting major trauma and stroke patients. All elective surgery was cancelled from about 1pm. We’re not doing anything in theatre that’s not life or limb threatening. There will almost certainly be deaths as a result of this.
The note says that “you need to pay service fees for the decryption” and asks for $300 worth of Bitcoin to be sent electronically to an address. It was not clear who would receive the funds, nor the group or individual behind the attack. A sum of $300 is a fairly low ransom when compared to some previous attacks, such as last June at the University of Calgary, which agreed to pay nearly $16,000 in bitcoin currency to an unknown group of hackers.
How to protect yourself
You know those windows updates you’ve been ignoring? It’s time to update. Microsoft released a patch for this particular nasty back in March. However a number of computers have yet to apply or install the patch.
Configuring Automatic Updates in Windows 10
- Select the Start button
- Select Settings
- Select Update & security
- Select Windows Update
- Select Check for Updates (Updates will download and install if they are available)
Configuring Automatic Updates in Windows 8/8.1
- Open Windows Update by swiping in from the right edge of the screen (or, if you’re using a mouse, pointing to the lower-right corner of the screen and moving the mouse pointer up), tapping or clicking Settings, tapping or clicking Change PC settings, and then tapping or clicking Update and recovery.
- Tap or click Choose how updates get installed.
- Select “Install Updates Automatically (Recommended)”
- Tap or click Apply
Configuring Automatic Updates in Windows 7/Vista
- Open Control Panel and double click Windows Update.
- In the Windows Update window, select the Change Settings task on the left.
- Select “Install updates automatically (recommended)”
- Click OK
This security update resolves vulnerabilities in Microsoft Windows. The most severe of the vulnerabilities could allow remote code execution if an attacker sends specially crafted messages to a Microsoft Server Message Block 1.0 (SMBv1) server.
This security update is rated Critical for all supported releases of Microsoft Windows. For more information, see the Affected Software and Vulnerability Severity Ratings section.
The security update addresses the vulnerabilities by correcting how SMBv1 handles specially crafted requests.
For more information about the vulnerabilities, see the Vulnerability Information section.
More information here: https://technet.microsoft.com/en-us/library/security/ms17-010.aspx
Already been infected? See this article here: https://provirusesremoval.com/guide-remove-wannacry-virus/ You can also Contact Us for assistance.