Tuesday 16 May 2017

“WannaCry” Ransomware

a ransomware attack has emerged that is worthy of tears. WannaCry ransomware has hit the scene, spreading like wildfire across 150 countries and infecting more than 250,000 machines, which includes a massive takedown of 16 UK NHS medical centers in just one day. Other major countries impacted include Spain, Russia, Ukraine, India, China, Italy, and Egypt.
Now, how is this massive attack possible? The ransomware attack exploits the Server Message Block (SMB) critical vulnerability–also known as the Equation Group’s ETERNALBLUE exploit, part of the FuzzBunch toolkit released by Shadow Brokers a couple of weeks ago. Basically, the attacker can use just one exploit to gain remote access into a system. Once access is gained, the cybercriminal then encrypts data with a file extension “.WCRY.” Not to mention, the decypter tool used can hit users in multiple countries at once, and translate its ransom note to the appropriate language for that country. The ransom is said to demand $300 to decrypt the files.
The good news is, consumers don’t have to worry about this attack affecting their personal data, as it leverages a flaw within the way organizations’ networks allow devices to talk to each other.
However, this attack does act as a reminder for consumers to prepare for personal ransomware attacks. In order to stay prepared and keep your personal data secure, follow these tips:
-Be careful what you click on. This malware was distributed by phishing emails. You should only click on emails that you are sure came from a trusted source. Click here to learn more about phishing emails. 
-Back up your files. Always make sure your files are backed up. That way, if they become compromised in a ransomware attack, you can wipe your disk drive clean and restore the data from the backup.
-Update your devices. There are a few lessons to take away from WannaCry, but making sure your operating system is up-to-date needs to be near the top of the list. The reason is simple: nearly every software update contains security improvements that help secure your computer and removes the means for ransomware variants to infect a device.
Schedule automatic updates. It’s always a good practice to set your home systems to apply critical Windows Security Updates automatically. That way, whenever there is a vulnerability, you receive the patch immediately.
Apply any Windows security patches that Microsoft has sent you. If you are using an older version of Microsoft’s operating systems, such as Windows XP or Windows 8, click here to download emergency security patches from Microsoft. 
Keep security solutions up-to-date
source: McAfee