Is the Ransomware that Ruled the World Dead?
Quite possibly, yes. WannaCry ransomware hit over 200,000 devices in 150 different countries on Friday, May 12, 2017. The malicious attack was distributed by both SMB ports and phishing emails. This cyber attack sent the world into a panic, and rightfully so. The concept of ransomware, or malicious software that encrypts computer files and holds them hostage until payment demands are met, is nothing new. It has actually been around for almost 30 years. However, the cyber security industry has seen major spikes in ransomware attacks in the last two years. So, although WannaCry may be dead, ransomware is still very much alive.
The Windows vulnerability this particular ransomware variant was spreading through, EternalBlue, has been patched. Also, each identified version of WannaCry has been added to anti-virus’ blacklist, meaning it will be blocked. However, cyber criminals could make alternative versions that are not on the blacklist. This means more infections could spread. Although, users who are using a security solution that detects malware from a whitelist will remain protected.
The PC Matic malware research team has not seen any new WannaCry variants since 12 p.m. EST on May 12th. This could mean two different things. First, the cyber criminals stopped writing different versions of the ransomware. Or, they realized attacking PC Matic users was a complete waste of time. Now, to be fair, we have no evidence of the latter. What we do know is, our malware research team saw attempted malicious executions — which were all blocked — for a few hours Friday morning. Again, by 12 p.m. EST, those attempts stopped.
WannaCry may no longer be a threat, but cyber crime is not. Keeping your data safe and your privacy secure has never been more critical. Use the following tips to keep your data safe:
- Back up your data regularly. If you use an external device to back up your data, be sure to unplug it after the back-up process is complete. Uncertain how to back up? Learn more here.
- Keep all of your programs current and up-to-date. This includes all of your daily programs, as well as your security software.
- Update your operating system to patch any security vulnerabilities.
- Use a security solution that implements application whitelisting technology as its primary method of malware detection.
- Think before you click! Often times people start clicking before they read. This is disaster waiting to happen. Understand what you are downloading — both programs and files. If a website, pop-up or email seems suspicious, avoid it.