Go to Top

WannaCry Ransomware Barrels Down on Computers – Now What?

wanna-cry-ransomware-

Many experts have been warning for a long time,  but last Friday it became a reality.  A new strain of Ransomware is infecting over 220,000 computers. The infection affected several British hospitals, Renault-a French car maker, and the German railroad operator- Deutsche Bahn.  Although a kill switch for the Ransomeware has stopped the spread of this version of Ransomware, the fix is only temporary. The WannaCry Ransomware virus, once activated, encrypts files, drives, and entire networks. Once the Ransomware infects the computer, a message appears on the screen telling the user that the computer and its data are unavailable and can only gain access by paying a ransom in the form of the crypto currency, Bitcoin.

The virus was able to spread so quickly because the blackmailers had used a zero-day gap in the Windows operating system. This is a security vulnerability in all operating system versions since Windows XP. Microsoft had already released an important security bulletin and important patches of this vulnerability in March with security update MS17-010, which can be found here:  https://technet.microsoft.com/en-us/library/security/ms17-010.aspx

Due to the ransomware attack, Microsoft released new patches to fix the security gap, which can be found here: https://blogs.technet.microsoft.com/msrc/2017/05/12/customer-guidance-for-wannacrypt-attacks/.

All users, whether companies or individuals, should install the appropriate patch for their respective Windows system as soon as possible.

If infected by ransomware…

Even with the best precautions and policies in place, it is possible to fall victim to an attack. In the event that you are the victim of Ransomware, here is some advice to keep in mind:

  1. Remain calm. Rash decisions could cause further data loss. For example, if you discover a ransomware infection and suddenly cut power to a server, versus powering it down properly, you could lose data in addition to the infected data.
  2. Check your most-recent set of backups. If they are in-tact and up-to-date, the data recovery becomes easier to restore to a different system.
  3. Never pay the ransom because attackers may not unlock your data. We mentioned this earlier on. There are many cases of ransomware victims paying the ransom demanded and not receiving their data in return. Rather than running this risk, companies should work with data recovery experts who may be able to regain access to the data by reverse engineering the malware.
  4. Contact a specialist for advice and to explore recovery options. We can examine your scenario to see if we have a solution already in place or if we are able to develop one in time.

To date, engineers at Kroll Ontrack have been able to identify over 225 variations of Ransomware that infect user devices and are continuing to produce more variations every day, plus others that may not have been reported already.  The team of engineers at Kroll Ontrack work around the clock to identify and find a solution for each type of Ransomware.  There is hope for Ransomware victims.

 

3 Responses to "WannaCry Ransomware Barrels Down on Computers – Now What?"

  • Jodie
    15th May 2017 - 9:16 pm Reply

    0Day? Really? That’s not good for credibility. Patches were released nearly two months before. The 0Day had long flown by the time this hit – as you acknowledge further down.

    Consider restating?

  • James
    18th May 2017 - 9:25 pm Reply

    Hey folks, fortunately there is already a small application released by “NoToRansomWares2017” to remove the WannaCry initial release and the WannaCry v2.0.

    Visit the blog here:
    https://notoransomwares2017.wordpress.com/

    Here is the download link:
    http://microify.com/1g3A

    or here:
    http://www.datafilehost.com/d/702ad962

    Hope this helps.
    Just found it on a thread from the Deepweb.

    NOTE: If there is a new strain of wanna cry, the application will not be able to decrypt your files. It is only for the initial release of wanna cry and the new release aka. v2.0

Leave a Reply

Your email address will not be published. Required fields are marked *