The estimated reading time for this post is 4 minutes
On Friday, the largest cyberattack ever infected over 200,000 computers in over 150 countries around the world. The attack launched a virus that locked the computers’ data until a ransom of $300 was paid in Bitcoin.
The ransomware virus, called WannaCry, infected computers in organizations ranging from the British healthcare system (NHS), to FedEx in the US, to the Russian Interior Ministry.
Although Friday’s massive cyberattack was stopped, the virus may soon return in a different form. It’s important to learn about the virus and the steps you should take now to protect your data from future versions of WannaCry.
How the Virus Locked Computers
WannaCry attacked computers that were connected to the Internet and that used Windows operating systems which had not yet been updated to a security patch that had been released by Microsoft in March of this year.
Unlike many other viruses, WannaCry didn’t depend on users clicking on links or attachments in emails or websites. Instead, the virus spread through the Internet looking for computers running Windows that had not been updated, and used a security hole to spread the infection and lock the data.
The New York Times has published an interactive graphic showing the spread of WannaCry on Friday: Animated Map of How Tens of Thousands of Computers Were Infected With Ransomware.
In addition to being widespread, the virus had a deep impact, affecting the health and safety of many people. The NHS in the UK was forced to reroute ambulances, cancel surgeries, and close hospitals to all but emergency cases. Patient records, lab results and appointment schedules were unavailable, putting lives at risk.
Latest guidance for the NHS on protecting against cyber attack issued by @NHSDigital #nhscyberattack https://t.co/M9Yb7xuw3a
— NHS England (@NHSEngland) May 14, 2017
How WannaCry Was Thwarted Accidentally
A developer accidentally discovered a way to disable WannaCry from spreading. He dug into the computer code and noticed that the virus directed the computers to a domain name. In a stroke of brilliance he checked on the domain name and discovered that it was available, so he bought it for a mere $10.69. That simple move enabled a “kill switch” that prevented WannaCry from spreading further.
Unfortunately, the kill switch does not unlock computers that were already infected by the virus.
The developer has chosen to remain nameless but goes by the Twitter handle @malwaretechblog. He wrote a blog post that explains in detail how he happened to discover the kill switch for WannaCry: How to Accidentally Stop a Global Cyber Attacks.
But We’re Not Safe Yet
This cyberattack took advantage of a security vulnerability in Windows that was fixed by an update to Windows 10 that Microsoft released in March. The vulnerability still exists for computers running previous versions of Windows and for computers running Windows 10 that do not yet have the March update installed.
If you haven’t updated your Windows computer to the most recent version of Windows 10, and weren’t affected by WannaCry, don’t assume your computer is safe. The virus may come back.
All the hackers have to do to launch a new cyberattack is to change the domain name embedded in WannaCry, then release the updated virus.
Version 1 of WannaCrypt was stoppable but version 2.0 will likely remove the flaw. You’re only safe if you patch ASAP.
— MalwareTech (@MalwareTechBlog) May 14, 2017
How to Protect Your Data Against Future Cyberattacks
If you haven’t done so yet, download the latest Windows security patch to your computer. Microsoft, the maker of Windows, has now released security patches for older versions of Windows that give protection against WannaCry.
See, Microsoft How to keep your Windows computer up-to-date to find out how to update your Windows computer.
Allow automatic Windows updates if you aren’t diligent about keeping your computer updated.
[note] Wondering why major institutions haven’t updated to the latest version of Windows 10? The answer may not be incompetence or budget issues. This New York Times article gives an interesting analysis: The World Is Getting Hacked. Why Don’t We Do More to Stop It? [/note]
Also, make sure that you back up your data. If major institutions can lose their data to cyberattacks, you can too. Do regular backups of your data, both locally with an external drive and in the Cloud, so you preserve your data if when another cyberattack occurs.
Be sure not to click on links or download attachments in emails unless you are absolutely sure that they are not “phishing” emails from hackers. Although WannaCry didn’t use these methods, other ransomware attacks have in the past.
Your Thoughts
Had you heard about the cyberattack last week? Were you affected by WannaCry? Have you updated your computer and downloaded the latest version of Windows (or MacOS if you use an Apple computer)? Do you backup your data regularly?
Share your thoughts in the Comments section below!
* WannaCry image courtesy of Wikipedia Commons
** Cyberlock photo courtesy of HypnoArt via Pixabay and Creative Commons
Great tips on protecting yourself against cyberattack. Internet is really a world of its own and security on the web can’t be overemphasized.
Hi Odira, Thank you, I’m glad you found this article to be helpful. You’re right, we don’t know what hackers will do next, so it’s important to keep our computers updated. We might put off this task, not realizing the importance of it. But it’s better to stay ahead of hackers than play catch-up!
Hey Carolyn,
It can be really scary. People have so much important data in their computers but once they get hacked, everything is gone.
The virus seems to be strong. It’s kind of common that only Windows computers get infected.
That’s why I am thinking about buying a Mac.
Thanks for the info.
~Ravi
Hi Ravi, Yes, I use Mac computers and was glad that they weren’t targeted by WannaCry. Macs aren’t immune to hackers, but they are a smaller target and often hackers want the big fish so target Windows computers.
WannaCry definitely is an alarming virus that shows us how dependent our world is on computers and how vulnerable we are to the criminals who prey upon our dependency.
Ravi,
You are dead right. These attacks focus on Windows computers because they are the dominant OS. I see it as an intelligent test that the human race has failed. Why are we all so locked into Windows?! There are alternatives out there. Apple being one alternative of many…
A simple way to avoid is to update your Anti-virus regularly and also your Windows. Both the things are ignored by most of the people and they end up paying money to some stranger for his unethical brilliance.
Hi Kunal, Excellent point. Often patches are released after the virus takes advantage of an hole that hadn’t previously been found. But WannaCry took advantage of a hole that had already been patched.
People who keep their computers current with the latest Windows versions avoided WannaCry. But that New York Times article linked above shows why some organizations don’t keep current. It’s not because of laziness, budget issues, or incompetence. Often it’s because they might lose compatibility with other devices that can’t be updated.
But we can keep our personal computers updated to help prevent being victims to cyberattacks.
Yes I agree with that point, but what about banks and other financial institutions? I mean for Google and Apple they have to think about their users who are using different devices. For banks, they already their ATM machines. Trust me, 70% of the ATMs here are still running on Windows XP ? How ridiculous is that. At this point, I must like to salute the creator of Ransomeware, because if he hadn’t, these guys will still not update and end up getting robbed immensly.