What is WannaCry and What Can I Do About It?

We recently discussed ransomware, and why you need to prepare for it. WannaCry is perhaps the most notorious and prolific of recent ransomware-style attacks. It’s stopped businesses, small and large, in their tracks, holding their data hostage and demanding thousands or tens of thousands of dollars in Bitcoin, with no assurance that data would actually be decrypted.

Here’s how it works: once WannaCry makes its way into a computer, it encrypts everything it can find, thus making the data inaccessible (and completely useless) to the business. A screen appears on the computer, asking for money in exchange for the data to return to normal. The price continues to climb as the days continue. At the end of the countdown, the files are completely destroyed.

As you can imagine, the effect is devastating to companies, not only from the loss of data but from also from lost productivity and customers. And unfortunately, WannaCry is remarkably effective: it’s quite a lucrative endeavor for hackers. The worst part: there are few ways to stop it.

What you can do about WannaCry

So, what can you do to mitigate WannaCry’s impact on your business? We’ve gathered a few of our top suggestions for minimizing the damage.

• Run the Microsoft Security Update now. Microsoft put out a security update this past March which specifically targeted a vulnerability that was susceptible to WannaCry. The update ensures protection from this specific vulnerability.
• Keep your plugins and patches up to date. Don’t allow your other updates to lag. This includes applications such as Adobe and Java. Plus, ad blockers do more than block ads; they’re helpful in preventing users from clicking on bad links and accessing malware that can lead to ransomware-like attacks.
• Educate your workforce. Your fellow employees are often your worst threat, as it’s their decisions and actions that can either help spread ransomware or help prevent it. Educate your users about what to look for and what to do if they see or experience something suspicious. Also, educate them about the proper procedures to take should an actual ransomware attack occur.
• Learn your safe point. Learn how to determine the exact time ransomware hit your data and use that time marker to restore the most recent versions of files and virtual machines. (This can be a tedious process if you haven’t invested in Disaster Recovery as a Service, but it’s well worth the effort).
• Try to set your BIOS clock back. This may not always work, but you can attempt to set your BIOS clock back, before the ransom expiration window. This has been effective in delaying the ransom deadline, but it only works on certain types of ransomware.

Lastly, take the time to stay up to date on WannaCry and ransomware in general. Developments happen fast in cybersecurity, and if your business is attacked, you’ll be happy that you took the time to stay educated on the latest issues and strategies.