Bhubaneswar: WannaCry ransomware encrypts files in infected Microsoft Windows system. This generally spreads using vulnerability in implementation of server message block (SMB) in the systems.
It encrypts the data of the targeted computer to WanaCrypt0r 2.0 and asks for US$ 300-600 within 96 hours in Bitcoin (digital asset or crypto currency).
If not paid within the deadline, the ransomware developers may delete the decryption key, causing the victim to lose all files permanently.
In the first phase of WannaCry attack, hackers put down major airlines, educational institutions, health networks and computer systems, which caused delay in service.
Here are some preventive measures:
System administrators, especially individual users, are advised a flurry of measures to protect their computers and the entire network from ransomware infections:
- Apply Microsoft’s security patch MS17-010. The security update resolves vulnerabilities in Windows systems
- Back up important files to an external storage device and keep it in offline mode
- Avoid using pirated copies of Windows
- Server administrators should strengthen their firewalls to prevent the injection of such ransomware into the system. They should also disable the execution of .exe files on the server
- Users must disable remote desktop connections
- Administrators should restrict user’s ability to install unwanted applications
- Keep operating system, third party software and anti-viruses updated
- If a computer in your networking system is attacked by ransomware, immediately disconnect the computer from the network