Starting on Friday, May 12th , computers in countries around the world have fallen victim to the latest ransomware attack. As of Monday morning, it is estimated that more than 150 countries have infected systems, totaling over 200,000 computers. The ransomware is known as WannaCry (or WannaCrypt), and as you might expect, it encrypts your computer and holds your files hostage, requiring you to pay a ransom to get your files back. The spread of this ransomware was enabled by a vulnerability in Windows, particularly for those running older versions of Windows. The patch for this vulnerability was made available earlier this year for currently supported versions of Windows, but Microsoft has now made patches available for older, unsupported versions of Windows.
Over the weekend, a British security researcher inadvertently managed to slow the spread of WannaCry, but experts do not believe the attack is over. In fact, there is evidence that new versions of the ransomware are now circulating that do not have the kill-switch activated by this researcher. If you have a Windows machine and have not yet been infected, you should immediately install the security update that Microsoft released on Friday.
The ransom demand for WannaCry stated that the ransom doubles 72 hours after the attack, and after seven days, files would be permanently locked. As of Monday morning, experts estimate the hackers have received roughly $50,000 in bitcoin ransom payments, which is minimal given the extent of the attack. At the same time, there are not yet any reports of victims recovering their files after paying the ransom.
Download the full article, “Burr Alert: WannaCry Ransomware – What You Need to Know.”