Over the last few days, a form of ransomware known as WannaCrypt has wreaked havoc across 150 different countries and countless organisations, including the NHS. The virus is still spreading, encrypting files and holding them to ransom.
Microsoft have now released updates for affected Windows systems. If you have Windows Update enabled, this security update should have been installed. If you're unsure as to whether this update has installed or you have Windows Update disabled, you can find the full list of security fixes for affected systems at the bottom of this statement from Microsoft. Just click the version of Windows that you're running to download the fix.
Where did the ransomware come from, and how does it work?
The bug was previously used by the NSA, as a way to hijack computers and spy on their targets. It was stolen from the organisation and published online last month, where it was immediately exploited by unscrupulous individuals.
WannaCrypt is able to spread far faster than other viruses because it can move around a network by itself. This means if one computer in your office is infected, the virus can infect every other vulnerable computer; you don't need to click a dodgy attachment in an email.
Once it's on your computer, your files will be encrypted. You're then presented with a lock screen with a countdown timer and some terrible English, which promises you can have your files back once you send the hackers £230 worth of Bitcoin.
Is my computer vulnerable to this kind of attack?
WannaCrypt is targeting computers running Windows with a certain security flaw. If you're running an older version of Windows (Windows XP, Windows 8 and Windows Server 2003), you could be at risk from this attack as you no longer receive security updates from Microsoft.
PCs running older versions of Windows are particularly vulnerable to ransomware and viruses, as they are no longer supported by Microsoft and therefore become targets for hackers. Although Microsoft have released a fix for this version of WannaCrypt, they are unlikely to continue doing this for future attacks. If possible, we recommend you upgrade to Windows 10 or another system which continues to receive support.
What should I do next?
If you've been infected, contact your IT support team immediately. Do not attempt to pay the ransom; there is no guarantee that your files will be decrypted, and the ransomware may have spread further than your machine.
Make sure that you have installed the latest security updates from Microsoft, particularly if you are running an unsupported versions of Windows or have Windows Update turned off. You can read Microsoft's full statement and install the updates here.
To protect your PC from further attacks, we highly recommend using firewalls and anti-virus software, and updating them regularly. Replace old servers and workstations, after discussing this with your IT support team. We'd also advise you to enable Windows Update, and perform regular system backups. Find out more about protecting your business from ransomware here.
Worried about ransomware affecting your business, or need help updating your system? Give us a call on 0191 482 0444