So What is WannaCry?
Last Friday there was a global cyberattack that affected 150 countries called WannaCry, also known as Wanna Decryptor and “wcry”. WannaCry is a Ransomware attack that extorts innocent PC users by encrypting their files and demanding a ransom in bitcoin to release them.
WannaCry affects machines running old versions of Windows operating system (Windows XP, 8 and Server 2003). Like other ransomwares, it locks the data on a computer system and leaves the user with two files: instructions on what to do and the Wanna Decryptor program. Victims are warned that their files will be deleted within days if they do not pay up using Bitcoin, the world’s biggest virtual currency that can be transferred and used to make payments anonymously.
This is the screen you do not want to get:
Should you pay the ransom?
If you get infected, we strongly recommend you not to pay the ransom. As of May 14th , the three bitcoin accounts associated with the WannaCry ransomware have accumulated more than $33,000 between them. Despite that, not a single case has been reported of anyone receiving their files back.
The decryption process itself is problematic, to say the least.
Unlike other ransomwares market, WannaCry doesn’t seem to have a way of associating a payment to the person making it. Most ransomware, such as Cerber, generate a unique ID and bitcoin wallet for each victim and thus know who to send the decryption keys to. WannaCry, on the other hand, only asks you to make a payment and wait.
Most ransomwares pride themselves on customer support, and are usually very easy to contact. That is not the case with WannaCry, that we’ve made our best efforts to contact, but have not receive a reply.
Lastly, our research at Check Point puts into question the ability of WannaCry’s creators to decrypt your files at all even if they want to.
How to protect myself ?
1. Use Windows 8.1 and above and keep it updated to the latest update. If you have disabled automatic updates, turn them back on in the Windows Control Panel, and leave them on.
2. Back up your files on the cloud, or external drive that you disconnect from your PC. This is a good idea for a lot of bad things that can happen.
3. Install PC security software that blocks not only known cyberattacks but also Zero-Day ones. Zero-Day attacks, as Wannacry, are new cyberattacks that do not appear in the black-list of the traditional antiviruses and therefore are not blocked by them. We recommend ZoneAlarm Extreme Security with its unique Threat Emulation technology that detects even zero day attacks.