WannaCrypt ransomware attack

Taken from Wikipedia

The WannaCry ransomware attack (or WannaCrypt, WanaCrypt0r 2.0, Wanna Decryptor) is an ongoing cyber-attack of the WannaCry ransomware computer worm targeting the Microsoft Windows operating system. The attack started on Friday, 12 May 2017, infecting more than 230,000 computers in 150 countries, with the software demanding ransom payments in the cryptocurrency Bitcoin in 28 languages. The attack has been described by Europol as unprecedented in scale.

The attack affected Telefónica and several other large companies in Spain, as well as parts of Britain’s National Health Service (NHS), FedEx, Deutsche Bahn, and LATAM Airlines. Other targets in at least 99 countries were also reported to have been attacked around the same time.
Like previous ransomware, the attack spreads by phishing emails,but also uses the EternalBlue exploit and DoublePulsar backdoor developed by the U.S. National Security Agency (NSA) to spread through a network which has not installed recent security updates to directly infect any exposed systems. A “critical” patch had been issued by Microsoft on 14 March 2017 to remove the underlying vulnerability for supported systems,[20] but many organizations had not yet applied it.
Those still running exposed older, unsupported operating systems were initially at particular risk, such as Windows XP and Windows Server 2003, but Microsoft has now taken the unusual step of releasing updates for these.
Shortly after the attack began, a web security researcher who blogs as “MalwareTech” accidentally found an effective kill switch, registering a website that was mentioned in the code of the ransomware. This slowed the spread of infection, but new versions have now been detected that lack the kill switch.

If you have Windows XP, you must update your systems now.

Here are some further steps to take:

Pick a strong password

It can take a hacker’s computer only ten minutes to guess a password made up of six lowercase letters, but free websites such as safepassword.com can help you create a nearly uncrackable password with uppercase letters, symbols, and numbers. Using phrases as passwords works well too (the website passphra.se can help you create them). The phrase “say no to hackers,” for instance, would theoretically take a hack thousands of years to guess-until now, that is. These are the most common digital passwords of the year. Make sure that yours isn’t on the list.

Use 2-step verification

Facebook and Gmail have an optional security feature that, once activated, requires you to enter two passwords- your normal password plus a code that the companies text to your phone-to access your account. “The added step is a slight inconvenience that’s worth the trouble when the alternative can be getting hacked,” says CNET tech writer Matt Elliot. To set up the verification on Gmail, click on Account, then Security. On Facebook, log in, click on the down icon next to Home, and then click on Account Setting, Security, and finally Login Approvals. These password recovery questions are easy to hack.

Use wi-fi hot spots sparingly

T-Mobile and ATT, the largest providers of free public wireless internet (the kind often available in coffee shops, airports and hotels), don’t require encryption of data traveling between laptops and the internet, which means any info-your email pw, your bank account balance-is vulnerable to hackers. In windows, right click on the wireless icon in the taskbar to it off. On a mac, click the wifi icon in the menu bar to turn off wifi.

Back up your data

Hackers can delete years’ worth of emails, photos, documents and music from your computer in minutes. Protect your digital files by using a simple and free backup system available on websites such as crashplan.com and dropbox.com.

Sources: CNET, Lifehacker, NPR,ABC

Advertisements