Norton UK Blog
"WannaCry" Ransomware: How to stay protected
Late last week, reports emerged of a variant of ransomware known as “WannaCry” began infecting around 90,000 Windows computers, and was spotted in about 70 countries.
A well-known form of malware, ransomware ruthlessly holds a computers data for ransom via encryption. If the user doesn’t pay the cybercriminal a certain amount of money within a certain frame of time, their data will be lost forever.
In this particular case, WannaCry demands that users to pay a $300 (£230) ransom in bitcoin. If the user does not pay within three days, the amount will be doubled. If payment is not made within a week, the files will be deleted.
Security researchers caught on to the threat quickly and made attempts to curb its infection rate. Unfortunately, this malware not only spreads itself rapidly, it also evolves quickly to avoid any attempts at mitigation. According to Europol, in just the short time since it was first discovered, the outbreak has increased to 200,000 users in 150 countries.
This ransomware threat is still very active on the internet, and you should take immediate care in order to not become one of its victims. Be sure you are using and updating security software in order to stay protected from the latest discovered versions of this ransomware.
Additionally, once you are sure your computer is clear of infection, perform a backup of your hard drive. After you have completed the backup, be sure you have unplugged your hard drive from the machine for safe storage.
As of 05/14 Symantec Security researchers have collected a large number of new samples and are currently trying to identify the new and emerging versions of this malware.
Norton products cover a large number of these newly discovered samples, including Ransom.Wannacry.
The VERY first thing you should do is update your computer’s operating system. Patches are being released for this particular variant of malware.
For more long-term prevention of ransomware attacks, follow these tips:
Ransomware Tips for Businesses and Consumers:
- New ransomware variants appear on a regular basis. Always keep your security software up to date to protect yourself against them.
- Keep your operating system and other software updated. Software updates will frequently include patches for newly discovered security vulnerabilities that could be exploited by ransomware attackers.
- Email is one of the main infection methods. Be wary of unexpected emails especially if they contain links and/or attachments.
- Be extremely wary of any Microsoft Office email attachment that advises you to enable macros to view its content. Unless you are absolutely sure that this is a genuine email from a trusted source, do not enable macros and instead immediately delete the email.
- Backing up important data is the single most effective way of combating ransomware infection. Attackers have leverage over their victims by encrypting valuable files and leaving them inaccessible. If the victim has backup copies, they can restore their files once the infection has been cleaned up. However organizations should ensure that back-ups are appropriately protected or stored off-line so that attackers can’t delete them.
- Using cloud services could help mitigate ransomware infection, since many retain previous versions of files, allowing you to “roll back” to the unencrypted form.
Ransomware: 5 dos and don'ts
(Guest Post By Kevin Haley, director, Symantec Security Response)
I despise all forms of bullying. Perhaps the one I hate most of all is where the bully takes a personal item, snatching it from you, and refuses to give it back. It’s dangled right in front of you, but held just out of reach. You’ll only get it back after doing whatever the bully wants.
Ransomware is an on-line form of the bully’s game of keep-away. Here, the bully gets on your computer and takes your personal files -words documents, photos, financial information, all the things you care about. Those files are still on your computer, dangling in from of you, but they are encrypted now, useless to you. In order to get them unencrypted, you’ll need to pay the bully 300-500 dollars (£230- 380).
How do you stop the bullies? There are five things that will make a tremendous difference.
Five Simple Do’s and Don’ts:
Don’t Pay the Ransom – I can hear someone asking, “But won’t you get your files back if you pay the ransom?” Just like a bully who tires of the keep-away game, you likely will get you files back if you pay. But you may not. Sensing a sucker on the hook, you might get asked to pay again and again. But let’s say you’ve got an honest thief, one willing to unlock your files if you pay. Why would you ever give money to a crook? Especially one who will use the money to fund playing bully to a host of other people? It just doesn’t seem right to me.
Don’t Click on Attachments in Email – There are a lot of different gangs running ransomware scams, who use different ways to try and infect you. One of the most popular is using spam. The email could be saying there was a package for you that couldn’t be delivered. Or a cool screensaver that you should install. Whatever the con, the bad guys want you to click on an attachment to install the malware. Don’t do it. Just don’t click.
Do Keep Software Up-to-date – The bad guys know about weaknesses in the software on your PC before you do. And they try to use them to get on your machine. Its called exploiting a vulnerability. Patching removes the vulnerability. If you’re asked if you want to update your software – Do. It. Now. Waiting only helps the bad guys.
Do Use Security Software – If you have a friend who is a security expert, that spends 24/7 keeping up on all the latest malware threats and watches over your shoulder whenever you are on your computer, you’ll be pretty safe on the internet. Otherwise, get good security software to do that. Make sure it is more than Anti-Virus. I recommend Norton Security.
Do Back-up – No one ever thinks anything bad will happen to them, until it does. I sure hope you never have ransomware infect your machine. But if it ever does, wouldn’t it be nice to have a copy of all your files somewhere safe? You can tell the bully where to get off. Everyone knows they need to back up their files. Now you have one more very good reason to do it.
These ransomware bullies are preying on us. But just by following a few simple dos and don’t we can protect ourselves from them. And protect ourselves from all the other malware bullies out there.
* Dark Web Monitoring defaults to monitoring your email address and begins immediately. Please sign in to your account to enter additional information for monitoring purposes.
** Does not include monitoring of chats or direct messages. May not identify cyberbullying, explicit or illigal content or hate speech. Social Media Monitoring only available on Facebook, Instagram, LinkedIn, Twitter and YouTube. On Facebook, Instagram and LinkedIn only account takeover feature is available.
No one can prevent all cybercrime or identity theft.
The Norton brand is part of NortonLifeLock Inc.
Copyright © 2022 NortonLifeLock Inc. All rights reserved. NortonLifeLock, the NortonLifeLock Logo, the Checkmark Logo, Norton, LifeLock, and the LockMan Logo are trademarks or registered trademarks of NortonLifeLock Inc. or its affiliates in the United States and other countries. Firefox is a trademark of Mozilla Foundation. Android, Google Chrome, Google Play and the Google Play logo are trademarks of Google, LLC. Mac, iPhone, iPad, Apple and the Apple logo are trademarks of Apple Inc., registered in the U.S. and other countries. App Store is a service mark of Apple Inc. Alexa and all related logos are trademarks of Amazon.com, Inc. or its affiliates. Microsoft and the Window logo are trademarks of Microsoft Corporation in the U.S. and other countries. The Android robot is reproduced or modified from work created and shared by Google and used according to terms described in the Creative Commons 3.0 Attribution License. Other names may be trademarks of their respective owners.