On a seemingly peaceful Friday morning of May 12 2017, a ransomware attack spread like wildfire across the globe. The attack infected tens of thousands of computers and critical systems. Those affected by the attack included hospitals, UK’s FedEx offices, a telecom company in Spain, and even the Russian Interior Ministry. Let’s find out more about this ransomware attack and whether it could have been prevented:
What You Need to Know About WannaCry
Also known as WannaCry, the WannaCrypt ransomware used the EternalBlue exploit to target Microsoft servers that were running the Server Message Block (SMB) protocol (it is a file sharing protocol). The EternalBlue software was stolen from the National Security Agency by cyber criminals, and they were used to gained access to Windows computers, encrypt their contents, and demand payments for the key to decrypt those files. In addition, the ransom also increases at a certain interval.
The initial reports of the coordinated attack originated from the United Kingdom, at approximately 12.30pm local time. National Health Service’s (NHS) systems began to crash, and pop-up messages started appearing on computer screens. WannaCry demanded $300 worth of bitcoins in exchange for the decryption key. If the victim didn’t pay in time, all of the files on the computer will be deleted or leaked elsewhere. Because of this attack, several hospital operations and surgical procedures had to be shut down and postponed respectively while government officials struggled to respond to the attack.
Could the WannaCrypt Ransomware Attack be Prevented?
Yes, WannaCry was largely preventable, provided that Window users constantly installed all the critical security patches that Microsoft releases every now and then. For instance, the MS17-010 security update that was released on 14 March 2017. Large numbers of Windows users overlooked this update and were affected when the EternalBlue vulnerability spread in 12 May 2017 (just two months later). Other things that users needed to do were to use utmost vigilance when opening documents and emails from unknown and unreliable sources.
Here’s a quick look at more ways to protect yourself from ransomware attacks:
- Do not entertain untrustworthy pop-up windows
Ransomware developers frequently utilize pop-up windows to warn their targets that there is some kind of malware on their machine. Do not click on that window at all costs! There are also variations where window prompts will appear and ask you whether you want to ‘Leave’ or ‘Stay’. Do not click either option as well. Instead, close the windows via keyboard command or do so via the taskbar.
- Use a private proxy server
Private proxies can protect you against malware that targets online access points that are open. This is especially relevant if you use a public network connection. However, keep in mind that a proxy server cannot protect you if you still download a software, app, or document that contains malware. Although a private proxy encrypts your activity online, it is imperative that you exercise caution when opening and downloading certain links or files. If you are looking to get a private proxy for online browsing needs, don’t hesitate to contact Proxy Key today.