Recently, WannaCry ransomware infected several computers running on Windows OS, and files were held under a ransom in more than 150 countries. The cyber attack targeted large businesses, government offices and individuals.
The WannaCry ransomware is now being referred to as one of the biggest cyber attacks in recent times. By following the steps detailed herein, users can protect themselves from the Windows hacking attacks and keep their personal data safe from the ransomware.
The first step for preventing such a ransomware attack like WannaCry is to apply the security patches that have been released and recommended by Microsoft through its bulletin MS17-010, which has been marked as critical.
Updating to the latest version is important, as the latest security updates from Microsoft will close the vulnerability that was exploited by the WannaCry ransomware.
If the system is not patched with recent updates, the device carries a high risk of being infected with ransomware. Users should access the Windows Update platform to install the patch.
There are also patches available for systems running on Windows XP, Windows 8 and other systems that are presently not supported with updates by Microsoft.
The next step is to maintain an updated antivirus program. An antivirus program will be effective in preventing any such ransomware attacks from harming the system.
These security measures will block malicious programs and close gaps where the virus can access a device’s system, even if the virus was accidentally downloaded one from an untrustworthy site.
Kaspersky Labs’ Global Research and Analysis Team advises users that if their antivirus program detects MEM:Trojan.Win64.EquationDRug.gen and other similar types of malware files, they should then reboot their computer system to prevent ransomware attacks.
Security researchers also noticed that WannaCry has been targeting embedded systems. Users must make sure that they have installed dedicated security solutions in case of embedded systems and that the functionality for Default Deny is enabled.
Kaspersky Labs also says users should switch on the System Watcher function.
Always have all your important files stored in an offline database, and regularly update this database with the latest important files in your system. It would be better to have this kind of backup in a different device, rather than in one single device, for protection against ransomware.
Another option for saving important files is to make use of cloud-based services, such as Dropbox or Google Drive and Apple iCloud.
The 360 Document Protector is also an app that has been created for protecting data against ransomware like WannaCry. It offers monitoring of malware in real time, along with an automatic backup and decryption tools that are built-in for offering security to computers.
Do not open an email or a link within an email if it is coming from one of your unknown contacts. In several cases, the WannaCry ransomware has been known to enter computers through email.
Also, do not download content from untrustworthy websites and don’t download any attachments from an unsolicited email. While browsing on the internet, keep away from any website that seems unsafe and make use of important filters on the browser, as protective measures against ransomware.
Victims of Ransomware
If you are already a victim of the WannaCry ransomware, there are some loopholes that you can make use of for minimizing the damage done, or at least prevent it from spreading to other areas of your device.
You must disconnect the system that has been affected by the attack at once, so that it stops spreading. Additionally, the encryption of files does not take place instantly, so you should attempt to back up important files immediately in order to reduce the damage done.
Victims are also advised not to pay the ransom demanded, as there is no surety or assurance that you will get back your files. It is better to report the ransomware attack to law enforcement authorities.
A security researcher just released a decryption tool called “WannaKey,”available for free on GitHub.
The tool has been tested and known to work for Windows XP, 7 x86, 2003, Vista and Windows Server 2008, as long as the computer hasn’t been rebooted after the WannaCry ransomware has entered its system. The tool cannot be applied to computers with memory that haven’t been erased or allocated by other processes.